On Thursday 31 May 2007 07:42, Mick wrote: > On Wednesday 30 May 2007 21:42, Mauro Faccenda wrote: > > On Wednesday 30 May 2007 16:57, Mick wrote: > > > I find it confusing. First of all I do not have a id_rsa. > > > > it tries the default keys (id_rsa or id_dsa), if exists. > > id_rsa does not exist in my local /home/michael/.ssh/ only id_dsa is there > and the public key that I have saved in /home/mic/.ssh/authorized_keys on > the server is my corresponding id_dsa.pub. > > > if you don't want > > it to try it, you can use the -i parameter to ssh pointing to your > > private key (ssh -i ~/.ssh/id_dsa <user>@<server>), > > Trying with the -i option also fails: > ====================================== > $ ssh -v -p 22 -i /home/michael/.ssh/id_dsa mick@<blah-blah> > [snip] > debug1: Found key in /home/michael/.ssh/known_hosts:18 > debug1: ssh_rsa_verify: signature correct > debug1: Enabling compression at level 6. > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: > publickey,gssapi-with-mic,password debug1: Next authentication method: > publickey > debug1: Offering public key: /home/michael/.ssh/id_dsa > debug1: Authentications that can continue: > publickey,gssapi-with-mic,password debug1: Next authentication method: > password > ======================================
that's strange. which version of openssh do you use in the server and the client? mine: client: OpenSSH_4.5p1 server: OpenSSH_4.4p1 here mine output doing ssh to a server with only key authentication enabled: i don't have the id_dsa.pub in my local machine too. ======================================= debug1: Found key in /home/faccenda/.ssh/known_hosts:8 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Trying private key: id_dsa debug1: PEM_read_PrivateKey failed debug1: read PEM private key done: type <unknown> Enter passphrase for key 'id_dsa': ======================================= the failed part was because my key is password protected, so it asks me. > That's right, so why does it: > ====================================== > debug1: Trying private key: /home/michael/.ssh/id_rsa <--this doesn't exist > debug1: Offering public key: /home/michael/.ssh/id_dsa <--this is my > private key > ====================================== i didn't noticed this line... really strange. how your id_dsa was created? is it corrupted or does it has a public key on it instead? you should try creating your key pair again with: $ ssh-keygen -t dsa i would like to see the content of this file (or, at least the "headers"), but its a PRIVATE key. ;) the "headers" of mine: -----BEGIN DSA PRIVATE KEY----- Proc-Type: 4,ENCRYPTED DEK-Info: DES-EDE3-CBC,933FEB2C1C691496 > > > PS. Not sure if this is relevant but although my user name on the > > > server is mick, for reasons better known to him the sysadmin has > > > created my home directory as /home/mic - could it be that sshd is > > > looking for /home/mick? > > > > that messages isn't from the server, is from client running locally. but > > it doesnt matter for what you want. > > It matters if the server is trying to find id_dsa.pub in a non-existing > directory. but as i said, that message isn't from the server. being a redhat, i suppose that it uses redhat with more less the default configuration, that tries to read your public key on your user home in the server (~/.ssh/authorized_users or ~/.ssh/authorized_users2). and openssh knows where to look at. even when the home of the user isn't the default which is your case, right? hope it helps, .m -- [EMAIL PROTECTED] mailing list