|

SSH (Secure Shell)

Bad passphrase with public key authentication

View: New views

3 Messages — Rating Filter: Alert me

	Bad passphrase with public key authentication by Niels Stevens :: Rate this Message: Reply (Restricted by the Administrator) \| View Threaded \| Show Only this Message Hey everybody, I'm having the strangest error using ssh. I'm setting up my server to use public key authentication. I'm using my macbook as a client and my ubuntu server for the ssh server. When at first I didn't succeed to make a connection I tried to connect from my server to my macbook. Just to make sure I wasn't making any stupid mistakes. Now when I tried to connect to my server from my macbook I just won't accept the password for my key. I tried generating and using different keys. I used one without password, one with a simple password 'test'. And still every time again the ssh server is complaining : "bad passphrase given, try again..." . I'm 100% sure it isn't my macbook because I use a ssh key pair to logon my remote subversion server also using a password for the keys. The server is running : OpenSSH_5.3p1 Debian-3ubuntu4, OpenSSL 0.9.8k My macbook is running : OpenSSH_5.2p1, OpenSSL 0.9.8l 5 Nov 2009 Could any body help me I'm really desperate at this moment. This is the sshd_config file from my server : ### Networking options ### #standard port Port 22 # Restrict to listen only ipv4 inet = IPv4, inet6 = IPv6 any = both #AddressFamily inet # Listen only to this interface ListenAddress 192.168.1.50 # Only use protocol 2 Protocol 2 # Disable XForwarding X11Forwarding no # Disable TCPKeepAlive and use ClientAliveInterval instead to prevent TCP Spoofing attacks TCPKeepAlive no ClientAliveInterval 600 ClientAliveCountMax 3 ### Networking options ### ### Key Configurations ### # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Use public key authentication PubkeyAuthentication yes AuthorizedKeysFile %h/.ssh/authorized_keys2 # Disable black listed key usage (update your keys!) PermitBlacklistedKeys no #### Key Configuration #### #### Authentication #### # Whitelist allowed users # AllowUsers user1 user2 # Two minutes to enter your key passphrase LoginGraceTime 120 # No root login PermitRootLogin yes # Force permissions checks on keyfiles and directories StrictModes yes # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # similar for protocol version 2 HostbasedAuthentication no # Don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Disable challenge and response auth. Unessisary when using keys ChallengeResponseAuthentication yes # Disable the use of passwords completly, only use public/private keys PasswordAuthentication yes # Using keys, no need for PAM. Also allows SSHD to be run as a non-root user UsePAM no # Don't use login(1) UseLogin no #### Authentication #### #### Misc #### # Logging SyslogFacility AUTH LogLevel DEBUG3 # Print the last time the user logged in PrintLastLog yes PrintMotd yes MaxAuthTries 4 MaxStartups 10:30:60 # Display login banner Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server #### Misc #### This is the output I got when running in debug : debug1: Reading configuration data /etc/ssh_config debug1: Applying options for * debug1: /etc/ssh_config line 6: Deprecated option "RhostsAuthentication" debug1: /etc/ssh_config line 10: Deprecated option "FallBackToRsh" debug1: /etc/ssh_config line 11: Deprecated option "UseRsh" debug2: ssh_connect: needpriv 0 debug1: Connecting to niels.is-a-player.com [94.226.16.213] port 3002. debug1: Connection established. debug3: Not a RSA1 key file server_rsa_macbook.pub. debug1: identity file server_rsa_macbook.pub type 1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu4 debug1: match: OpenSSH_5.3p1 Debian-3ubuntu4 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.2 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@... debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@... debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@...,hmac-ripemd160,hmac-ripemd160@...,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@...,hmac-ripemd160,hmac-ripemd160@...,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@...,zlib debug2: kex_parse_kexinit: none,zlib@...,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@... debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@... debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@...,hmac-ripemd160,hmac-ripemd160@...,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@...,hmac-ripemd160,hmac-ripemd160@...,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib@... debug2: kex_parse_kexinit: none,zlib@... debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 116/256 debug2: bits set: 511/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: put_host_port: [94.226.16.213]:3002 debug3: put_host_port: [niels.is-a-player.com]:3002 debug3: check_host_in_hostfile: filename /Users/niels/.ssh/known_hosts debug3: check_host_in_hostfile: match line 7 debug3: check_host_in_hostfile: filename /Users/niels/.ssh/known_hosts debug3: check_host_in_hostfile: match line 7 debug1: Host '[niels.is-a-player.com]:3002' is known and matches the RSA host key. debug1: Found key in /Users/niels/.ssh/known_hosts:7 debug2: bits set: 528/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /Users/niels/.ssh/id_rsa (0x100126e70) debug2: key: server_rsa_macbook.pub (0x100125b50) debug3: input_userauth_banner Ubuntu 10.04.1 LTS debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: start over, passed a different list publickey,password,keyboard-interactive debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /Users/niels/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Offering public key: server_rsa_macbook.pub debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Server accepts key: pkalg ssh-rsa blen 277 debug2: input_userauth_pk_ok: fp c2:40:6c:ec:df:23:0c:72:8b:e4:15:2e:d7:91:0c:c2 debug3: sign_and_send_pubkey debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug3: Not a RSA1 key file server_rsa_macbook.pub. debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug2: bad passphrase given, try again... debug3: Not a RSA1 key file server_rsa_macbook.pub. debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug2: bad passphrase given, try again... debug3: Not a RSA1 key file server_rsa_macbook.pub. debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> debug2: bad passphrase given, try again... debug2: we did not send a packet, disable method debug3: authmethod_lookup keyboard-interactive debug3: remaining preferred: password debug3: authmethod_is_enabled keyboard-interactive debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug1: Authentications that can continue: publickey,password,keyboard-interactive debug3: userauth_kbdint: disable: no info_req_seen debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: debug3: authmethod_is_enabled password debug1: Next authentication method: password The auth.log file has this output : Dec 29 18:59:09 ubuntu server sshd[20120]: debug3: fd 4 is not O_NONBLOCK Dec 29 18:59:09 ubuntu server sshd[20120]: debug1: Forked child 4632. Dec 29 18:59:09 ubuntu server sshd[20120]: debug3: send_rexec_state: entering fd = 7 config len 816 Dec 29 18:59:09 ubuntu server sshd[20120]: debug3: ssh_msg_send: type 0 Dec 29 18:59:09 ubuntu server sshd[20120]: debug3: send_rexec_state: done Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: rexec start in 4 out 4 newsock 4 pipe 6 sock 7 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: inetd sockets after dupping: 3, 3 Dec 29 18:59:09 ubuntu server sshd[4632]: Connection from 192.168.1.105 port 63810 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: Client protocol version 2.0; client software version OpenSSH_5.2 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: match: OpenSSH_5.2 pat OpenSSH* Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: Enabling compatibility mode for protocol 2.0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4 Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: fd 3 setting O_NONBLOCK Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: Network child is on pid 4633 debug2: channel 0: window 995147 sent adjust 53429 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: preauth child monitor started Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_moduli: got parameters: 1024 1024 8192 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 1 Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: monitor_read: 0 used once, disabling now Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 5 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_sign Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_sign: signature 0x7feb26424e30(271) Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 6 Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: monitor_read: 5 used once, disabling now Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 7 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_pwnamallow Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: Trying to reverse map address 192.168.1.105. Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: parse_server_config: config reprocess config len 816 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: auth_shadow_acctexpired: today 14972 sp_expire -1 days left -14973 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: account expiration disabled Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 8 Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: monitor_read: 7 used once, disabling now Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 3 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_authserv: service=ssh-connection, style=, role= Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: monitor_read: 3 used once, disabling now Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 9 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 10 Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: monitor_read: 9 used once, disabling now Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 11 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_authpassword: sending result 0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 12 Dec 29 18:59:09 ubuntu server sshd[4632]: Failed none for niels from 192.168.1.105 port 63810 ssh2 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 21 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_keyallowed entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_keyallowed: key_from_blob: 0x7feb26423ae0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: temporarily_use_uid: 1000/1000 (e=0/0) Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: trying public key file /home/niels/.ssh/authorized_keys2 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: fd 4 clearing O_NONBLOCK Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: secure_filename: checking '/home/niels/.ssh' Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: secure_filename: checking '/home/niels' Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: secure_filename: terminating check at '/home/niels' Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: restore_uid: 0/0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: key not found Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: temporarily_use_uid: 1000/1000 (e=0/0) Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: trying public key file /home/niels/.ssh/authorized_keys2 Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: fd 4 clearing O_NONBLOCK Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: secure_filename: checking '/home/niels/.ssh' Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: secure_filename: checking '/home/niels' Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: secure_filename: terminating check at '/home/niels' Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: restore_uid: 0/0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug2: key not found Dec 29 18:59:09 ubuntu server sshd[4632]: Failed publickey for niels from 192.168.1.105 port 63810 ssh2 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_keyallowed: key 0x7feb26423ae0 is not allowed Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 22 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 11 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_authpassword: sending result 0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 12 Dec 29 18:59:09 ubuntu server sshd[4632]: Failed password for niels from 192.168.1.105 port 63810 ssh2 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: monitor_read: checking request 11 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_answer_authpassword: sending result 0 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_send entering: type 12 Dec 29 18:59:09 ubuntu server sshd[4632]: Failed password for niels from 192.168.1.105 port 63810 ssh2 Dec 29 18:59:09 ubuntu server sshd[4632]: debug3: mm_request_receive entering Dec 29 18:59:09 ubuntu server sshd[4632]: debug1: do_cleanup Dec 29 18:59:12 ubuntu server sshd[20120]: debug3: fd 4 is not O_NONBLOCK Dec 29 18:59:12 ubuntu server sshd[20120]: debug1: Forked child 4634. Dec 29 18:59:12 ubuntu server sshd[20120]: debug3: send_rexec_state: entering fd = 7 config len 816 Dec 29 18:59:12 ubuntu server sshd[20120]: debug3: ssh_msg_send: type 0 Dec 29 18:59:12 ubuntu server sshd[20120]: debug3: send_rexec_state: done Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: rexec start in 4 out 4 newsock 4 pipe 6 sock 7 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: inetd sockets after dupping: 3, 3 Dec 29 18:59:12 ubuntu server sshd[4634]: Connection from 94.226.16.213 port 63812 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: Client protocol version 2.0; client software version OpenSSH_5.2 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: match: OpenSSH_5.2 pat OpenSSH* Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: Enabling compatibility mode for protocol 2.0 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu4 Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: fd 3 setting O_NONBLOCK Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: Network child is on pid 4635 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: preauth child monitor started Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 0 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_moduli: got parameters: 1024 1024 8192 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_send entering: type 1 Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: monitor_read: 0 used once, disabling now Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 5 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_sign Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_sign: signature 0x7f670f384e30(271) Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_send entering: type 6 Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: monitor_read: 5 used once, disabling now Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 7 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_pwnamallow Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: Trying to reverse map address 94.226.16.213. Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: parse_server_config: config reprocess config len 816 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: auth_shadow_acctexpired: today 14972 sp_expire -1 days left -14973 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: account expiration disabled Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_send entering: type 8 Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: monitor_read: 7 used once, disabling now Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 3 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_authserv: service=ssh-connection, style=, role= Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: monitor_read: 3 used once, disabling now Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 9 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_send entering: type 10 Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: monitor_read: 9 used once, disabling now Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 11 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_authpassword: sending result 0 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_send entering: type 12 Dec 29 18:59:12 ubuntu server sshd[4634]: Failed none for niels from 94.226.16.213 port 63812 ssh2 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 21 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_keyallowed entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_keyallowed: key_from_blob: 0x7f670f383ab0 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: temporarily_use_uid: 1000/1000 (e=0/0) Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: trying public key file /home/niels/.ssh/authorized_keys2 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: fd 4 clearing O_NONBLOCK Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: checking '/home/niels/.ssh' Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: checking '/home/niels' Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: terminating check at '/home/niels' Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: restore_uid: 0/0 Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: key not found Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: temporarily_use_uid: 1000/1000 (e=0/0) Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: trying public key file /home/niels/.ssh/authorized_keys2 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: fd 4 clearing O_NONBLOCK Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: checking '/home/niels/.ssh' Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: checking '/home/niels' Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: terminating check at '/home/niels' Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: restore_uid: 0/0 Dec 29 18:59:12 ubuntu server sshd[4634]: debug2: key not found Dec 29 18:59:12 ubuntu server sshd[4634]: Failed publickey for niels from 94.226.16.213 port 63812 ssh2 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_keyallowed: key 0x7f670f383ab0 is not allowed Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_send entering: type 22 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: monitor_read: checking request 21 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_keyallowed entering Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_keyallowed: key_from_blob: 0x7f670f383a70 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: temporarily_use_uid: 1000/1000 (e=0/0) Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: trying public key file /home/niels/.ssh/authorized_keys2 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: fd 4 clearing O_NONBLOCK Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: checking '/home/niels/.ssh' Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: checking '/home/niels' Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: secure_filename: terminating check at '/home/niels' Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: matching key found: file /home/niels/.ssh/authorized_keys2, line 3 Dec 29 18:59:12 ubuntu server sshd[4634]: Found matching RSA key: c2:40:6c:ec:df:23:0c:72:8b:e4:15:2e:d7:91:0c:c2 Dec 29 18:59:12 ubuntu server sshd[4634]: debug1: restore_uid: 0/0 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_answer_keyallowed: key 0x7f670f383a70 is allowed Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_send entering: type 22 Dec 29 18:59:12 ubuntu server sshd[4634]: debug3: mm_request_receive entering Thanks a lot in advance. Kind regards, Niels Stevens
	Re: Bad passphrase with public key authentication by Greg Wooledge :: Rate this Message: Reply (Restricted by the Administrator) \| View Threaded \| Show Only this Message On Wed, Dec 29, 2010 at 07:02:48PM +0100, Niels Stevens wrote: > I tried generating and using different keys. > > And still every time again the ssh server is complaining : "bad passphrase given, try again..." . First of all, it's the client that says that, not the server. The server never sees the passphrase you use for your private key. (It never sees the actual private key, either.) This problem is most likely caused by an ssh-agent caching the original key's passphrase and attempting to use that on the new key. Either disable the agent, or restart it (which probably means restarting your login session).
	Re: Bad passphrase with public key authentication by Niels Stevens :: Rate this Message: Reply (Restricted by the Administrator) \| View Threaded \| Show Only this Message Thanks a lot, a stupid reboot from my mac and everything was working just fine ! Strange though, I booted up a vm of backtrack and tried connecting from their and it had the same problem. Kind regards, Niels Stevens Op 29-dec-2010, om 22:04 heeft Greg Wooledge het volgende geschreven: > On Wed, Dec 29, 2010 at 07:02:48PM +0100, Niels Stevens wrote: >> I tried generating and using different keys. >> >> And still every time again the ssh server is complaining : "bad passphrase given, try again..." . > > First of all, it's the client that says that, not the server. The server > never sees the passphrase you use for your private key. (It never sees > the actual private key, either.) > > This problem is most likely caused by an ssh-agent caching the original > key's passphrase and attempting to use that on the new key. Either > disable the agent, or restart it (which probably means restarting your > login session).