This mail is an automated notification from the task tracker
of the project: Administration.
/**************************************************************************/
[task #151] Latest Modifications:
Changes by:
Mathieu Roy <[EMAIL PROTECTED]>
'Date:
mer 11.02.2004 à 12:15 (Europe/Paris)
What | Removed | Added
---------------------------------------------------------------------------
Should Start On | | mer 11.02.2004 à 00:00
Should be Finished on | | mer 11.02.2004 à 00:00
Category | None | Docs
Priority | 7 - High | 3 - Low
/**************************************************************************/
[task #151] Full Item Snapshot:
URL: <http://gna.org/task/?func=detailitem&item_id=151>
Project: Administration
Submitted by: Xavier Dubus
On: mer 11.02.2004 à 12:14
Should Start On: mer 11.02.2004 à 00:00
Should be Finished on: mer 11.02.2004 à 00:00
Category: Docs
Priority: 3 - Low
Resolution: None
Assigned to: None
Percent Complete: 0%
Status: Open
Effort: 0.00
Summary: Reassigned item: advertising possibility to use gftp to upload files
Original Submission: Hi,
I registered my public ssh key with keygen. And i try to connect to
download.gna.org with gftp under Linux because it support SSH2. So i put
download.gna.org for the adress on port 22 and my login and password.... This
is the message that i received:
There is an error during the initialization of SSH connexion to the distant
server. The error message of the distant server is:
Permission denied (publickey,keyboard-interactive).
Well maybe my ssh is not good.
Thank you
Commentaires :
------------------
-------------------------------------------------------
Date: mer 11.02.2004 à 12:14 By: yeupou
Hello,
We could advertise it indeed.
I reassign this item as task.
-------------------------------------------------------
Date: mer 11.02.2004 à 12:14 By: yeupou
This item has been reassigned from the project Administration support tracker
to your tracker.
The original report is still available at support #144
Following are the information included in the original report:
[field #0] <font class="preinput"><font class="help" title="Unique item
identifier">Item ID: </font></font> 144<br>[field #1] <font
class="preinput"><font class="help" title="Unique project identifier">Group ID:
</font></font> 101<br>[field #2] <font class="preinput"><font class="help"
title="Current Status">Status: </font></font> Closed<br>[field #3] <font
class="preinput"><font class="help" title="Impact of the item on the system
(Critical, Major,...)">Severity: </font></font> C - Average<br>[field #4] <font
class="preinput"><font class="help" title="Generally high level modules or
functionalities of the software (e.g. User interface, Configuration Manager,
etc)">Category: </font></font> Download Areas<br>[field #5] <font
class="preinput"><font class="help" title="User who originally submitted the
item">Submitted by: </font></font> Nainwalker<br>[field #6] <font
class="preinput"><font class="help" title="Who is in charge of handling the
item">Assigned to: </font></font> yeupou<br>[field #7] <font
class="preinput"><font class="help" title="Date and time of the initial
submission">Submitted on: </font></font> jeu 05.02.2004 à 01:10<br>[field #8]
<font class="preinput"><font class="help" title="One line description of the
item">Summary: </font></font> advertising possibility to use gftp to upload
files<br>[field #9] <font class="preinput"><font class="help" title="Full
description of the item">Original Submission: </font></font> Hi,
<br />
I registered my public ssh key with keygen. And i try to connect to
download.gna.org with gftp under Linux because it support SSH2. So i put
download.gna.org for the adress on port 22 and my login and password.... This
is the message that i received:
<br />
There is an error during the initialization of SSH connexion to the distant
server. The error message of the distant server is:
<br />
Permission denied (publickey,keyboard-interactive).
<br />
<br />
Well maybe my ssh is not good.
<br />
Thank you<br>[field #10] <font class="preinput"><font class="help" title="Date
and time when the item status was changed to Closed ">Closed on:
</font></font> mer 11.02.2004 à 12:14<br>[field #11] <font
class="preinput"><font class="help" title="Characterizes the nature of the item
(e.g. Crash Error, Documentation Typo, Installation Problem, etc">Item Group:
</font></font> None<br>[field #12] <font class="preinput"><font class="help"
title="Current resolution of the item">Resolution: </font></font>
Fixed<br>[field #13] <font class="preinput"><font class="help" title="Version
of the System Component impacted by the item">Component Version: </font></font>
None<br>[field #14] <font class="preinput"><font class="help" title="Name and
version of the platform impacted by the item">Platform Version: </font></font>
None<br>[field #15] <font class="preinput"><font class="help" title="How easy
it is to reproduce the item">Reproducibility: </font></font> None<br>[field
#16] <font class="preinput"><font class="help" title="Estimated size of the
code to be developed or reworked to handle the item">Size (loc): </font></font>
None<br>[field #17] <font class="preinput"><font class="help" title="Release in
which the item was actually implemented">Fixed Release: </font></font>
None<br>[field #18] <font class="preinput"><font class="help" title="Release in
which it is planned to have the item implemented">Planned Release:
</font></font> None<br>[field #19] <font class="preinput"><font class="help"
title="Number of hours of work needed to handle the item">Effort:
</font></font> 0.00<br>[field #23] <font class="preinput"><font class="help"
title="How quickly the item should be implemented (Immediate, Normal, Low,
Later,...)">Priority: </font></font> 7 - High<br>[field #26] <font
class="preinput"><font class="help" title="">Percent Complete: </font></font>
0%<br>[field #28] <font class="preinput"><font class="help" title="Release
(global version number) impacted by the item">Release: </font></font>
None<br>[field #53] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #1: </font></font> None<br>[field #54] <font class="preinput"><font
class="help" title="Customizable Select Box (pull down menu with predefined
values)">Custom Select Box #2: </font></font> None<br>[field #55] <font
class="preinput"><font class="help" title="Customizable Select Box (pull down
menu with predefined values)">Custom Select Box #3: </font></font>
None<br>[field #56] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #4: </font></font> None<br>[field #57] <font class="preinput"><font
class="help" title="Customizable Select Box (pull down menu with predefined
values)">Custom Select Box #5: </font></font> None<br>[field #58] <font
class="preinput"><font class="help" title="Customizable Select Box (pull down
menu with predefined values)">Custom Select Box #6: </font></font>
None<br>[field #59] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #7: </font></font> None<br>[field #60] <font class="preinput"><font
class="help" title="Customizable Select Box (pull down menu with predefined
values)">Custom Select Box #8: </font></font> None<br>[field #61] <font
class="preinput"><font class="help" title="Customizable Select Box (pull down
menu with predefined values)">Custom Select Box #9: </font></font>
None<br>[field #62] <font class="preinput"><font class="help"
title="Customizable Select Box (pull down menu with predefined values)">Custom
Select Box #10: </font></font> None<br>
-------------------------------------------------------
Date: mer 11.02.2004 à 00:19 By: Nainwalker
Okay,
I tried with Gftp and it's working very well.
Thank you very much for your help.
Maybe it will be a good thing to give the information for Linux users that they
have the possibility to use Gftp (graphical program) to upload on the server?
-------------------------------------------------------
Date: lun 09.02.2004 à 16:36 By: Nainwalker
Thanks, its almost working, this is the sequence after the passphrase:
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: channel 0: request pty-req
debug1: channel 0: request shell
debug1: channel 0: open confirm rwindow 0 rmax 32768
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
Welcome on this download area server!
This server is running Debian GNU/Linux.
Last login: Mon Feb 9 15:47:03 2004 from
stclement-2-82-67-91-99.fbx.proxad.net
Error:
You are not allowed to run the command you asked.
Only scp and rsync commands are accepted.
Please double-check the command line you typed.
Use our support tracker at
http://gna.org/support/?group=admin
if you cannot find a way to use this server as it is
described.
debug1: channel 0: rcvd eof
debug1: channel 0: output open -> drain
debug1: channel 0: obuf empty
debug1: channel 0: close_write
debug1: channel 0: output drain -> closed
debug1: channel 0: rcvd close
debug1: channel 0: close_read
debug1: channel 0: input open -> closed
debug1: channel 0: almost dead
debug1: channel 0: gc: notify user
debug1: channel 0: gc: user detached
debug1: channel 0: send close
debug1: channel 0: is dead
debug1: channel 0: garbage collecting
debug1: channel_free: channel 0: client-session, nchannels 1
Connection to download.gna.org closed.
debug1: Transferred: stdin 0, stdout 0, stderr 40 bytes in 0.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 265.1
debug1: Exit status 1
Maybe i need to configure the permission of ssh for my session on my computer
-------------------------------------------------------
Date: lun 09.02.2004 à 09:33 By: Nainwalker
the full sequence typed:
ssh -v [EMAIL PROTECTED]
OpenSSH_3.6.1p2 Debian 1:3.6.1p2-11, SSH protocolls 1.5/2.0, OpenSSL 0x0090703f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentification disabled, originating port will nobe trusted.
debug1: Connecting to download.gna.org [213.228.62.12] port 22.
debug1: Connection established.
debug1: identity file /home/dux/.ssh/identity type -1
debug1: identity file /home/dux/.ssh/id_rsa type 1
debug1: identity file /home/dux/.ssh/is_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.4p1
Debian 1:3.4p1-1.woody.3 par OpenSSH*
debug1: match: OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version strinfg SSH-2.0-OpenSSH_3.6.1p2 Debian 1:3.6.1p2-11
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'download.gna.org' is known and matches the RSA host key.
debug1: Found key in /home/dux/.ssh/known_hosts:4
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/dux/.ssh/identity
debug1: Offering public key: /home/dux/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering public key: /home/dux/.ssh/id_dsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).
debug1: Calling cleanup 0x80623b0(0x0)"
Then the ssh_config file:
# $OpenBSD: ssh_config,v 1.16 2002/07/03 14:21:05 markus Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host *
# ForwardAgent no
# ForwardX11 no
# RhostsAuthentication no
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
And the sshd_config:
# Package generated configuration file
# See the sshd(8) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes
# ...but breaks Pam auth via kbdint, so we have to turn it off
# Use PAM authentication via keyboard-interactive so PAM modules can
# properly interface with the user (off due to PrivSep)
PAMAuthenticationViaKbdInt no
# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768
# Logging
SyslogFacility AUTH
LogLevel INFO
# Authentication:
LoginGraceTime 600
PermitRootLogin yes
StrictModes yes
RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile %h/.ssh/authorized_keys
# rhosts authentication should not be used
RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
KeepAlive yes
#UseLogin no
#MaxStartups 10:30:60
#Banner /etc/issue.net
#ReverseMappingCheck yes
Subsystem sftp /usr/lib/sftp-server
I hope its gonna be fine.
Thanks
-------------------------------------------------------
Date: sam 07.02.2004 à 13:10 By: yeupou
(sourceforge accept password connection, so it does not tells you if your ssh
key really works)
-------------------------------------------------------
Date: sam 07.02.2004 à 13:10 By: yeupou
Your key is a RSA2, which is ok normally.
Please, copy and paste the output of
ssh -v [EMAIL PROTECTED]
(copy the full sequence, including the command line you typed)
Copy and paste also the content of ~/.ssh/config if existing.
I made a test with a key similar to your, on your account, and it worked.
-------------------------------------------------------
Date: ven 06.02.2004 à 15:50 By: Nainwalker
I tried with sourceforge and its working....
I tried with ssh in console and its the same problem, permission denied
(publickey,keyboard-interactive).
So i don't know maybe i have to configure my ssh its a version 1.5/2.0...?
Thanks for your help
-------------------------------------------------------
Date: ven 06.02.2004 à 13:48 By: yeupou
The key now looks valid, would you like to send the output of
ssh -v [EMAIL PROTECTED]
In your original report, you said, "So i put download.gna.org for the adress on
port 22 and my login and _password_" : you meant ssh passphrase, didn't you?
Are you sure that gftp support passphrase authentication method?
-------------------------------------------------------
Date: ven 06.02.2004 à 09:54 By: Nainwalker
Its the same problem, i change my key also to a rsa key, but nothing!
-------------------------------------------------------
Date: jeu 05.02.2004 à 11:47 By: yeupou
Hello,
Your ssh key is truncated, you need to re-register your ssh key.
Do that, wait for the cronjob to update the system, retry and tell us.
For detailed info, follow this link:
<http://gna.org/task/?func=detailitem&item_id=151>
_______________________________________________
Message sent via/by Gna!
http://gna.org/
