Jeff Squyres and I have been communicating off-list about this problem, as he thought he experienced something similar some time ago. He tested between rh7.3 and rh9 and experienced a similar problem as you. I have a 7.3 and rh9 combination that I have no problems with, but it may be updated- I haven't checked yet.
Anyway... we're guessing version incompatibility might be the issue here at this point. You might want to try blowing away the entire ssh installation (including config files) on one of the non-oscar target machines having the problem. Then install the same version of ssh on those as you have on the cluster, and configure the same, etc...
good luck-
Jeremy
At 12:16 PM 2/20/2004, Benjamin Simmons wrote:
ok: 1) yes the user can ssh throughout the cluster without a problem. 2) I blew it away and let it regenerate. Same as before.
I tried setting PasswordAuthentication no on the server as well as the non-node.
This results in the following failure:
[EMAIL PROTECTED] bdsimmns]# ssh engrcluster
Last login: Fri Feb 20 12:11:36 2004 from viper.engr.memphis.edu
su [EMAIL PROTECTED] root]# su bdsimmns
generating ssh file /home/bdsimmns/.ssh/id_dsa ...
Generating public/private dsa key pair.
Created directory '/home/bdsimmns/.ssh'.
Your identification has been saved in /home/bdsimmns/.ssh/id_dsa.
Your public key has been saved in /home/bdsimmns/.ssh/id_dsa.pub.
The key fingerprint is:
2c:3c:ea:ed:ef:02:96:6f:6c:71:d1:0f:45:04:28:c2 [EMAIL PROTECTED]
generating ssh file /home/bdsimmns/.ssh/identity ...
Generating public/private rsa1 key pair.
Your identification has been saved in /home/bdsimmns/.ssh/identity.
Your public key has been saved in /home/bdsimmns/.ssh/identity.pub.
The key fingerprint is:
71:c3:02:e3:7f:b0:3d:d6:a5:37:ea:8c:1a:34:7e:e7 [EMAIL PROTECTED]
generating ssh file /home/bdsimmns/.ssh/id_rsa ...
Generating public/private rsa key pair.
Your identification has been saved in /home/bdsimmns/.ssh/id_rsa.
Your public key has been saved in /home/bdsimmns/.ssh/id_rsa.pub.
The key fingerprint is:
15:7b:97:82:69:78:ca:68:a9:5e:14:1e:59:df:43:fa [EMAIL PROTECTED]
adding id to ssh file /home/bdsimmns/.ssh/authorized_keys2
adding id to ssh file /home/bdsimmns/.ssh/authorized_keys
adding id to ssh file /home/bdsimmns/.ssh/authorized_keys2
[EMAIL PROTECTED] bdsimmns]$ exit
exit
[EMAIL PROTECTED] root]# exit
logout
Connection to engrcluster closed.
[EMAIL PROTECTED] bdsimmns]# exit
exit
[EMAIL PROTECTED] bdsimmns]$ ssh engrcluster
The authenticity of host 'engrcluster (10.0.0.250)' can't be established.
RSA key fingerprint is ff:de:cc:a4:e5:d8:48:c1:74:6e:73:18:d3:16:e7:73.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'engrcluster,10.0.0.250' (RSA) to the list of known hosts.
Permission denied (publickey,keyboard-interactive).
[EMAIL PROTECTED] bdsimmns]$ ssh -vvv engrcluster
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to engrcluster [10.0.0.250] port 22.
debug1: Connection established.
debug1: identity file /home/bdsimmns/.ssh/identity type 0
debug3: Not a RSA1 key file /home/bdsimmns/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /home/bdsimmns/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/bdsimmns/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: no key found
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug3: key_read: no space
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: no key found
debug1: identity file /home/bdsimmns/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED]
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,[EMAIL PROTECTED]
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 129/256
debug1: bits set: 1566/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/bdsimmns/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /home/bdsimmns/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'engrcluster' is known and matches the RSA host key.
debug1: Found key in /home/bdsimmns/.ssh/known_hosts:1
debug1: bits set: 1611/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try pubkey: /home/bdsimmns/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,keyboard-interactive
debug1: try pubkey: /home/bdsimmns/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,keyboard-interactive
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug1: authentications that can continue: publickey,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug1: no more auth methods to try
Permission denied (publickey,keyboard-interactive).
debug1: Calling cleanup 0x80674d0(0x0)
[EMAIL PROTECTED] bdsimmns]$
Jeremy Enos wrote:
Ben-
a couple other things to make sure of that may give us more info...
1) Can the user acct in question traverse all around the original OSCAR cluster nodes w/o any problem?
2) No matter the answer to 1, you might want to try blowing away that user's .ssh/ folder, logging into the oscar head node again as that user and letting the keys get auto-generated again. (just to make sure their straight)
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Oscar-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/oscar-users
------------------------------------------------------- SF.Net is sponsored by: Speed Start Your Linux Apps Now. Build and deploy apps & Web services for Linux with a free DVD software kit from IBM. Click Now! http://ads.osdn.com/?ad_id=1356&alloc_id=3438&op=click _______________________________________________ Oscar-users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/oscar-users
