-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Habilitou a opção "PermitEmptyPasswords" no sshd_config?
Em 27/4/2010 15:22, Leonardo Carneiro - Veltrac escreveu: > Já fiz troca de chaves um bilhão de vezes, mas por algum motivo, > essa vez estou tendo problemas. Estou enviando a chave de um > servidor Debian Lenny para um host Ubuntu Karmic Koala para que o > Debian possa logar no Ubuntu sem senha. Segue o procedimento: > > kody:~# ssh-keygen -b 4096 -t rsa > kody:~# ssh-copy-id -i ~/.ssh/id_rsa.pub usua...@maquina_ubuntu > > Entro com a senha da máquina ubuntu, e teoricamente era pra estar > tudo certo. Porém, ao tentar logar na máquina ubuntu, o ssh continua > pedindo a senha (mesmo tendo deixado a senha em branco no comando > ssh-keygen). Segue o debug do ssh > > > kody:~# ssh -vvv usua...@ubuntu_ip > OpenSSH_5.1p1 Debian-5, OpenSSL 0.9.8g 19 Oct 2007 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * debug2: > ssh_connect: needpriv 0 debug1: Connecting to > 192.168.1.107 [192.168.1.107] port 22. > debug1: Connection established. debug1: > permanently_set_uid: 0/0 debug1: identity > file /root/.ssh/identity type -1 debug3: Not a RSA1 key > file /root/.ssh/id_rsa. debug2: key_type_from_name: > unknown key type '-----BEGIN' debug3: key_read: missing > keytype debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug3: key_read: missing > whitespace debug2: key_type_from_name: unknown > key type '-----END' debug3: key_read: missing > keytype debug1: identity file > /root/.ssh/id_rsa type 1 debug1: Checking blacklist file > /usr/share/ssh/blacklist.RSA-4096 > debug1: Checking blacklist file /etc/ssh/blacklist.RSA-4096 > debug3: Not a RSA1 key file /root/.ssh/id_dsa. > debug2: key_type_from_name: unknown key type '-----BEGIN' > debug3: key_read: missing keytype > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug3: key_read: missing whitespace > debug2: key_type_from_name: unknown key type '-----END' > debug3: key_read: missing keytype > debug1: identity file /root/.ssh/id_dsa type -1 > debug1: Remote protocol version 2.0, remote software version > OpenSSH_5.1p1 Debian-6ubuntu2 > debug1: match: OpenSSH_5.1p1 Debian-6ubuntu2 pat > OpenSSH* debug1: Enabling > compatibility mode for protocol > 2.0 debug1: Local version string > SSH-2.0-OpenSSH_5.1p1 Debian-5 debug2: > fd 3 setting > O_NONBLOCK > debug1: SSH2_MSG_KEXINIT > sent > debug1: SSH2_MSG_KEXINIT > received > debug2: kex_parse_kexinit: > diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 > > debug2: kex_parse_kexinit: > ssh-rsa,ssh-dss > > > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 > > > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 > > > debug2: kex_parse_kexinit: > none,[email protected],zlib > > > debug2: kex_parse_kexinit: > none,[email protected],zlib > > > debug2: > kex_parse_kexinit: > > > > debug2: > kex_parse_kexinit: > > > > debug2: kex_parse_kexinit: first_kex_follows > 0 > > > debug2: kex_parse_kexinit: reserved > 0 > > > debug2: kex_parse_kexinit: > diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 > > > debug2: kex_parse_kexinit: > ssh-rsa,ssh-dss > > > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[email protected],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 > > > debug2: kex_parse_kexinit: > hmac-md5,hmac-sha1,[email protected],hmac-ripemd160,[email protected],hmac-sha1-96,hmac-md5-96 > > > debug2: kex_parse_kexinit: > none,[email protected] > > > debug2: kex_parse_kexinit: > none,[email protected] > > > debug2: > kex_parse_kexinit: > > > > debug2: > kex_parse_kexinit: > > > > debug2: kex_parse_kexinit: first_kex_follows > 0 > > > debug2: kex_parse_kexinit: reserved > 0 > > > debug2: mac_setup: found > hmac-md5 > > > > debug1: kex: server->client aes128-cbc hmac-md5 > none > > > debug2: mac_setup: found > hmac-md5 > > > > debug1: kex: client->server aes128-cbc hmac-md5 > none > > > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) > sent > > > debug1: expecting > SSH2_MSG_KEX_DH_GEX_GROUP > > > > debug2: dh_gen_key: priv key bits set: > 130/256 > > > debug2: bits set: > 492/1024 > > > > debug1: SSH2_MSG_KEX_DH_GEX_INIT > sent > > > debug1: expecting > SSH2_MSG_KEX_DH_GEX_REPLY > > > > debug3: check_host_in_hostfile: filename > /root/.ssh/known_hosts > > > debug3: check_host_in_hostfile: match line > 6 > > > debug1: Host '192.168.1.107' is known and matches the RSA host > key. > > > debug1: Found key in > /root/.ssh/known_hosts:6 > > > > debug2: bits set: > 494/1024 > > > > debug1: ssh_rsa_verify: signature > correct > > > debug2: > kex_derive_keys > > > > debug2: set_newkeys: mode > 1 > > > debug1: SSH2_MSG_NEWKEYS > sent > > > > debug1: expecting > SSH2_MSG_NEWKEYS > > > > debug2: set_newkeys: mode > 0 > > > debug1: SSH2_MSG_NEWKEYS > received > > > > debug1: SSH2_MSG_SERVICE_REQUEST > sent > > > debug2: service_accept: > ssh-userauth > > > > debug1: SSH2_MSG_SERVICE_ACCEPT > received > > > debug2: key: /root/.ssh/identity > ((nil)) > > > debug2: key: /root/.ssh/id_rsa > (0xb7fc7968) > > > debug2: key: /root/.ssh/id_dsa > ((nil)) > > > debug1: Authentications that can continue: > publickey,password > > > debug3: start over, passed a different list > publickey,password > > > debug3: preferred > gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password > > debug3: authmethod_lookup publickey > debug3: remaining preferred: keyboard-interactive,password > debug3: authmethod_is_enabled publickey > debug1: Next authentication method: publickey > debug1: Trying private key: /root/.ssh/identity > debug3: no such identity: /root/.ssh/identity > debug1: Offering public key: /root/.ssh/id_rsa > debug3: send_pubkey_test > debug2: we sent a publickey packet, wait for reply > debug1: Authentications that can continue: publickey,password > debug1: Trying private key: /root/.ssh/id_dsa > debug1: read PEM private key done: type DSA > debug3: sign_and_send_pubkey > debug2: we sent a publickey packet, wait for reply > debug1: Authentications that can continue: publickey,password > debug2: we did not send a packet, disable method > debug3: authmethod_lookup password > debug3: remaining preferred: ,password > debug3: authmethod_is_enabled password > debug1: Next authentication method: password > usua...@ubuntu_ip's password: > > Agradeço desde já. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvXLJoACgkQ7OAY7mv8BhmTqwCgkGdjLwfunTuBIPUsFQf1eTAj gMsAn3lbu3pxXxTfQRF/1fwKZEyX8uix =BtW4 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected] Archive: http://lists.debian.org/[email protected]
