On Sun, Feb 26, 2012 at 6:27 PM, Michael Yang <[email protected]> wrote: >> Yes, I believe so. I verified this by adding/removing my public key to my >> EC2 server's ~/.ssh/authorized_keys and then logging into it via SSH. Then
ok - unfortunately someone's been attacking pyjs.org so i couldn't easily see the IP address ... right, you're logging in from ec2, right? and you've attempted more than 5 times so you've now been banned (i had to install denyhosts to get rid of the attacker). then you logged in, it appears, from a *second* host (verizon.net) and did it _again_! don't do that again! :) if it doesn't work the first time, and nothing's changed, it ain't gonna work the 2nd, 3rd, 4th, 5th or 6th time, is it? the only thing that will achieve is to make you look like an attacker, setting off the intrusion detection. anyway. i've double-checked that the key's added to /var/lib/gitolite/.ssh/authorized_keys - it's definitely there. so you're doing something wrong. did you notice one other difference? debug1: Offering public key: /Users/msyang/.ssh/id_rsa debug1: Server accepts key: pkalg ssh-rsa blen 277 it's a different user: debug1: Offering RSA public key: /home/ubuntu/.ssh/id_rsa that may sound obvious, but it's often the obvious that's overlooked. you _are_ logging in from an account which actually offers the key that you sent me, right? now, i note that you logged in from two different hosts. that means that you should have *two* sets of ssh public-key private-key pairs. those keys should be DIFFERENT. you should NOT have copied the one (identical) key-pair to another machine, ESPECIALLY over the internet and DEFINITELY not to some random host run by an untrustable "cuhluouuuuud" service ESPECIALLY one that's hosted in a country that has such a poor human rights record (viz: the united states). l.
