This mail is an automated notification from the task tracker
of the project: Administration.
/**************************************************************************/
[task #151] Latest Modifications:
Changes by:
Mathieu Roy <[EMAIL PROTECTED]>
'Date:
mer 03.03.2004 à 19:51 (Europe/Paris)
What | Removed | Added
---------------------------------------------------------------------------
Resolution | None | Cancelled
Assigned to | None | yeupou
Status | Open | Closed
------------------ Additional Follow-up Comments ----------------------------
Sure, only the donwload area is accessible with sftp, it is on purpose.
Apart from that, it does not work for me, I set the configuration as you
proposed, including checking the box "Use the sub-system SSH2-SFTP". I have no
time to find out while it does not work, but in the current state of thing we
cannot add it to the documentation, since it is unclear whether it is supposed
to work easily for anybody.
Thanks for the information anyway.
/**************************************************************************/
[task #151] Full Item Snapshot:
URL: <http://gna.org/task/?func=detailitem&item_id=151>
Project: Administration
Submitted by: Xavier Dubus
On: mer 11.02.2004 à 12:14
Should Start On: mer 11.02.2004 à 00:00
Should be Finished on: mer 11.02.2004 à 00:00
Category: Docs
Priority: 3 - Low
Resolution: Cancelled
Assigned to: yeupou
Percent Complete: 0%
Status: Closed
Effort: 0.00
Summary: Reassigned item: advertising possibility to use gftp to upload files
Original Submission: Hi,
I registered my public ssh key with keygen. And i try to connect to
download.gna.org with gftp under Linux because it support SSH2. So i put
download.gna.org for the adress on port 22 and my login and password.... This
is the message that i received:
There is an error during the initialization of SSH connexion to the distant
server. The error message of the distant server is:
Permission denied (publickey,keyboard-interactive).
Well maybe my ssh is not good.
Thank you
Commentaires :
------------------
-------------------------------------------------------
Date: mer 03.03.2004 à 19:51 By: yeupou
Sure, only the donwload area is accessible with sftp, it is on purpose.
Apart from that, it does not work for me, I set the configuration as you
proposed, including checking the box "Use the sub-system SSH2-SFTP". I have no
time to find out while it does not work, but in the current state of thing we
cannot add it to the documentation, since it is unclear whether it is supposed
to work easily for anybody.
Thanks for the information anyway.
-------------------------------------------------------
Date: mer 11.02.2004 à 14:49 By: Nainwalker
If your want to use gftp:
host: download.gna.org
port: 22
login: <username>
password: <password of your account>
Choose SSH2 for protocol
passpharase: <passphrase of your ssh key>
Don't forget in options/SSH to check the box of "Use the sub-system SSH2-SFTP"
-------------------------------------------------------
Date: mer 11.02.2004 à 14:46 By: Nainwalker
So after multiple test, gftp can be used just to upload files of the project.
For any website content or cvs, it won't work.
-------------------------------------------------------
Date: mer 11.02.2004 à 12:14 By: yeupou
Hello,
We could advertise it indeed.
I reassign this item as task.
-------------------------------------------------------
Date: mer 11.02.2004 à 12:14 By: yeupou
This item has been reassigned from the project Administration support tracker
to your tracker.
The original report is still available at support #144
Following are the information included in the original report:
[field #0] <font class="preinput"><font class="help" title="Unique item
identifier">Item ID: </font></font> 144<br>[field #1] <font
class="preinput"><font class="help" title="Unique project identifier">Group ID:
</font></font> 101<br>[field #2] <font class="preinput"><font class="help"
title="Current Status">Status: </font></font> Closed<br>[field #3] <font
class="preinput"><font class="help" title="Impact of the item on the system
(Critical, Major,...)">Severity: </font></font> C - Average<br>[field #4] <font
class="preinput"><font class="help" title="Generally high level modules or
functionalities of the software (e.g. User interface, Configuration Manager,
etc)">Category: </font></font> Download Areas<br>[field #5] <font
class="preinput"><font class="help" title="User who originally submitted the
item">Submitted by: </font></font> Nainwalker<br>[field #6] <font
class="preinput"><font class="help" title="Who is in charge of handling the
item">Assigned to: </font></font> yeupou<br>[field #7] <font
class="preinput"><font class="help" title="Date and time of the initial
submission">Submitted on: </font></font> jeu 05.02.2004 à 01:10<br>[field #8]
<font class="preinput"><font class="help" title="One line description of the
item">Summary: </font></font> advertising possibility to use gftp to upload
files<br>[field #9] <font class="preinput"><font class="help" title="Full
description of the item">Original Submission: </font></font> Hi,
<br />
I registered my public ssh key with keygen. And i try to connect to
download.gna.org with gftp under Linux because it support SSH2. So i put
download.gna.org for the adress on port 22 and my login and password.... This
is the message that i received:
<br />
There is an error during the initialization of SSH connexion to the distant
server. The error message of the distant server is:
<br />
Permission denied (publickey,keyboard-interactive).
<br />
<br />
Well maybe my ssh is not good.
<br />
Thank you<br>[field #10] <font class="preinput"><font class="help" title="Date
and time when the item status was changed to Closed ">Closed on:
</font></font> mer 11.02.2004 à 12:14<br>[field #11] <font
class="preinput"><font class="help" title="Characterizes the nature of the item
(e.g. Crash Error, Documentation Typo, Installation Problem, etc">Item Group:
</font></font> None<br>[field #12] <font class="preinput"><font class="help"
title="Current resolution of the item">Resolution: </font></font>
Fixed<br>[field #13] <font class="preinput"><font class="help" title="Version
of the System Component impacted by the item">Component Version: </font></font>
None<br>[field #14] <font class="preinput"><font class="help" title="Name and
version of the platform impacted by the item">Platform Version: </font></font>
None<br>[field #15] <font class="preinput"><font class="help" title="How easy
it is to reproduce the item">Reproducibility: </font></font> None<br>[field
#16] <font class="preinput"><font class="help" title="Estimated size of the
code to be developed or reworked to handle the item">Size (loc): </font></font>
None<br>[field #17] <font class="preinput"><font class="help" title="Release in
which the item was actually implemented">Fixed Release: </font></font>
None<br>[field #18] <font class="preinput"><font class="help" title="Release in
which it is planned to have the item implemented">Planned Release:
</font></font> None<br>[field #19] <font class="preinput"><font class="help"
title="Number of hours of work needed to handle the item">Effort:
</font></font> 0.00<br>[field #23] <font class="preinput"><font class="help"
title="How quickly the item should be implemented (Immediate, Normal, Low,
Later,...)">Priority: </font></font> 7 - High<br>[field #26] <font
class="preinput"><font class="help" title="">Percent Complete: </font></font>
0%<br>[field #28] <font class="preinput"><font class="help" title="Release
(global version number) impacted by the item">Release: </font></font>
None<br>[field #53] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #1: </font></font> None<br>[field #54] <font class="preinput"><font
class="help" title="Customizable Select Box (pull down menu with predefined
values)">Custom Select Box #2: </font></font> None<br>[field #55] <font
class="preinput"><font class="help" title="Customizable Select Box (pull down
menu with predefined values)">Custom Select Box #3: </font></font>
None<br>[field #56] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #4: </font></font> None<br>[field #57] <font class="preinput"><font
class="help" title="Customizable Select Box (pull down menu with predefined
values)">Custom Select Box #5: </font></font> None<br>[field #58] <font
class="preinput"><font class="help" title="Customizable Select Box (pull down
menu with predefined values)">Custom Select Box #6: </font></font>
None<br>[field #59] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #7: </font></font> None<br>[field #60] <font class="preinput"><font
class="help" title="Customizable Select Box (pull down menu with predefined
values)">Custom Select Box #8: </font></font> None<br>[field #61] <font
class="preinput"><font class="help" title="Customizable Select Box (pull down
menu with predefined values)">Custom Select Box #9: </font></font>
None<br>[field #62] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #10: </font></font> None<br>
-------------------------------------------------------
Date: mer 11.02.2004 à 00:19 By: Nainwalker
Okay,
I tried with Gftp and it's working very well.
Thank you very much for your help.
Maybe it will be a good thing to give the information for Linux users that they
have the possibility to use Gftp (graphical program) to upload on the server?
-------------------------------------------------------
Date: lun 09.02.2004 à 16:36 By: Nainwalker
Thanks, its almost working, this is the sequence after the passphrase:
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: channel 0: request pty-req
debug1: channel 0: request shell
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Welcome on this download area server!
This server is running Debian GNU/Linux.
Last login: Mon Feb 9 15:47:03 2004 from
stclement-2-82-67-91-99.fbx.proxad.net
Error:
You are not allowed to run the command you asked.
Only scp and rsync commands are accepted.
Please double-check the command line you typed.
Use our support tracker at
http://gna.org/support/?group=admin
if you cannot find a way to use this server as it is
described.
debug1: channel 0: rcvd eof
debug1: channel 0: output open -> drain
debug1: channel 0: obuf empty
debug1: channel 0: close_write
debug1: channel 0: output drain -> closed
debug1: channel 0: rcvd close
debug1: channel 0: close_read
debug1: channel 0: input open -> closed
debug1: channel 0: almost dead
debug1: channel 0: gc: notify user
debug1: channel 0: gc: user detached
debug1: channel 0: send close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: client-session, nchannels 1
Connection to download.gna.org closed.
debug1: Transferred: stdin 0, stdout 0, stderr 40 bytes in 0.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 265.1
debug1: Exit status 1
Maybe i need to configure the permission of ssh for my session on my computer
-------------------------------------------------------
Date: lun 09.02.2004 à 09:33 By: Nainwalker
the full sequence typed:
ssh -v [EMAIL PROTECTED]
OpenSSH_3.6.1p2 Debian 1:3.6.1p2-11, SSH protocolls 1.5/2.0, OpenSSL 0x0090703f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentification disabled, originating port will nobe trusted.
debug1: Connecting to download.gna.org [213.228.62.12] port 22.
debug1: Connection established.
debug1: identity file /home/dux/.ssh/identity type -1
debug1: identity file /home/dux/.ssh/id_rsa type 1
debug1: identity file /home/dux/.ssh/is_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.4p1
Debian 1:3.4p1-1.woody.3 par OpenSSH*
debug1: match: OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version strinfg SSH-2.0-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-11
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'download.gna.org' is known and matches the RSA host key.
debug1: Found key in /home/dux/.ssh/known_hosts:4
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dux/.ssh/identity
debug1: Offering public key: /home/dux/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering public key: /home/dux/.ssh/id_dsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).
debug1: Calling cleanup 0x80623b0(0x0)"
Then the ssh_config file:
# $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
And the sshd_config:
# Package generated configuration file
# See the sshd(8) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# ...but breaks Pam auth via kbdint, so we have to turn it off
# Use PAM authentication via keyboard-interactive so PAM modules can
# properly interface with the user (off due to PrivSep)
PAMAuthenticationViaKbdInt no
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 600
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
# rhosts authentication should not be used
RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
#ReverseMappingCheck yes
Subsystem sftp /usr/lib/sftp-server
I hope its gonna be fine.
Thanks
-------------------------------------------------------
Date: sam 07.02.2004 à 13:10 By: yeupou
(sourceforge accept password connection, so it does not tells you if your ssh
key really works)
-------------------------------------------------------
Date: sam 07.02.2004 à 13:10 By: yeupou
Your key is a RSA2, which is ok normally.
Please, copy and paste the output of
ssh -v [EMAIL PROTECTED]
(copy the full sequence, including the command line you typed)
Copy and paste also the content of ~/.ssh/config if existing.
I made a test with a key similar to your, on your account, and it worked.
-------------------------------------------------------
Date: ven 06.02.2004 à 15:50 By: Nainwalker
I tried with sourceforge and its working....
I tried with ssh in console and its the same problem, permission denied
(publickey,keyboard-interactive).
So i don't know maybe i have to configure my ssh its a version 1.5/2.0...?
Thanks for your help
-------------------------------------------------------
Date: ven 06.02.2004 à 13:48 By: yeupou
The key now looks valid, would you like to send the output of
ssh -v [EMAIL PROTECTED]
In your original report, you said, "So i put download.gna.org for the adress on
port 22 and my login and _password_" : you meant ssh passphrase, didn't you?
Are you sure that gftp support passphrase authentication method?
-------------------------------------------------------
Date: ven 06.02.2004 à 09:54 By: Nainwalker
Its the same problem, i change my key also to a rsa key, but nothing!
-------------------------------------------------------
Date: jeu 05.02.2004 à 11:47 By: yeupou
Hello,
Your ssh key is truncated, you need to re-register your ssh key.
Do that, wait for the cronjob to update the system, retry and tell us.
For detailed info, follow this link:
<http://gna.org/task/?func=detailitem&item_id=151>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
