Ken Moffat wrote:
> On Tue, Apr 02, 2013 at 09:43:15PM -0500, Bruce Dubbs wrote:
>> Ken Moffat wrote:
>>> ~/,ssh/ contains id_dsa{,.pub} which seems to be working.
>>
>> I think that depends on the config files. What do you have on the server
>> for /etc/ssh/sshd_config (6.2p1). I have:
>>
>> PermitRootLogin no
>> AuthorizedKeysFile .ssh/authorized_keys
>> X11Forwarding yes
>> Subsystem sftp /usr/lib/openssh/sftp-server
>>
>> for ~/.ssh/config (6.0p1):
>>
>> Host *
>> ServerAliveInterval 45
>> ServerAliveCountMax 10
>> Protocol 2
>> ForwardX11 yes
>> ForwardX11Trusted yes
>>
>> -----
>>
>> Try ssh -v ken@milliways
> Thanks, Bruce. On the server [ 6.0p1 ] I have
> AuthorizedKeysFile .ssh/authorized_keys
This means nothing on the server. Is it in /etc/ssh/sshd_cpnfig?
> Subsystem sftp /usr/sbin/sftp-server
> PermitRootLogin no
>
> On the desktop I don't have any config in ~/.ssh/
That's optional. In many cases I needed to log on as a different user
and sometimes had issues with networrk timeouts (ServerAlive*). I like
to disable sshv1 also since it's not secure.
> ssh -v gives me a lot of information, finishing with
> debug1: Next authentication method: publickey
> debug1: Trying private key: /home/ken/.ssh/id_rsa
See
http://security.stackexchange.com/questions/5096/rsa-vs-dsa-for-ssh-authentication-keys
Be sure to read the responses.
I use dsa because of the the (now obsolete) patent issues and I don't
need to change for my purposes.
> no such identity: /home/ken/.ssh/id_rsa: No such file or directory
> debug1: Offering DSA public key: /home/ken/.ssh/id_dsa
It looks like that's not being accepted. Do you have id_dsa.pub in the
remote ~/.ssh/authorized_keys?
> Should I have a config in ~/.ssh ?
Maybe. It depends on what is needed.
> I've been upgrading for years
> now (I was going to say "since time immemorial" but in the UK, at
> least according to wikipedia, that means "Time whereof the Memory of
> Man runneth not to the contrary." (paraphrased as 20 years) - I had
> a feeling it meant since some time in the 1400s or 1500s - whatever,
> I've only been using linux since the end of 1999, and I've only been
> _here_ for a bit less than that - and this is the first time that I
> think I've seen those id_rsa and id_ecdsa messages.
ecdsa (elliptic curve dsa) is new. I don't know why you get the extra
messages. When I look at the latest source
$ grep -r "no such identity" *
sshconnect2.c: debug3("no such identity: %s", filename);
is the only place I can find that message.
-- Bruce
--
http://linuxfromscratch.org/mailman/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
