[SOLVED ]Re: Issues with SSH pubkey authentication at remote server

Hi, to...@tuxteam.de: > On Wed, Sep 28, 2016 at 08:36:00AM +, Stephan Beck wrote: >> Hi Lars, > >> Lars Noodén: >>> On 09/27/2016 06:07 PM, Stephan Beck wrote: Lars Noodén: > On 09/27/2016 02:02 PM, Stephan Beck wrote: > Can you tell more about how your login session is started?

Re: Issues with SSH pubkey authentication at remote server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wed, Sep 28, 2016 at 08:36:00AM +, Stephan Beck wrote: > Hi Lars, > > Lars Noodén: > > On 09/27/2016 06:07 PM, Stephan Beck wrote: > >> Lars Noodén: > >>> On 09/27/2016 02:02 PM, Stephan Beck wrote: > >>> Can you tell more about how your login

Re: Issues with SSH pubkey authentication at remote server

Hi Lars, Lars Noodén: > On 09/27/2016 06:07 PM, Stephan Beck wrote: >> Lars Noodén: >>> On 09/27/2016 02:02 PM, Stephan Beck wrote: >>> Can you tell more about how your login session is started? >> >> I connect to the "local ssh account" by ssh from my other user account. > [...] > You need a

Re: Issues with SSH pubkey authentication at remote server

On 09/27/2016 06:07 PM, Stephan Beck wrote: > Lars Noodén: >> On 09/27/2016 02:02 PM, Stephan Beck wrote: >> Can you tell more about how your login session is started? > > I connect to the "local ssh account" by ssh from my other user account. Ok. Now I see the arrangement. You are missing a

Re: Issues with SSH pubkey authentication at remote server

Hi Lars, Lars Noodén: > On 09/27/2016 02:02 PM, Stephan Beck wrote: >> Hi Lars, >> >> Lars Noodén: >>> On 09/26/2016 05:46 PM, Stephan Beck wrote: [sorry for trimming] >> I've tried again and detected the following: >> No agent is started when I login to the "local ssh user account". > > It is

Re: Issues with SSH pubkey authentication at remote server

On 09/27/2016 02:02 PM, Stephan Beck wrote: > Hi Lars, > > Lars Noodén: >> On 09/26/2016 05:46 PM, Stephan Beck wrote: >>> ... it might >>> not be necessary to fire it up with eval $(ssh-agent). >>> Thanks for the command, makes it more easy. >> >> No problem. If you want to see which keys are

Re: Issues with SSH pubkey authentication at remote server

Hi Lars, Lars Noodén: > On 09/26/2016 05:46 PM, Stephan Beck wrote: >> ... it might >> not be necessary to fire it up with eval $(ssh-agent). >> Thanks for the command, makes it more easy. > > No problem. If you want to see which keys are available to ssh, you can > use ssh-add for that: > >

OpenSSH security update? was Re: Issues with SSH pubkey authentication at remote server

Hi, [UPDATE] Stephan Beck: > Hi Mark, > > Mark Fletcher: >> On Mon, Sep 26, 2016 at 02:52:00PM +, Stephan Beck wrote: >>> Hi Lisi, >> >>> If you look at the second line of the terminal output I reproduced, you >>> find that the openssl component in use within the package openssh Debian >>>

Re: Issues with SSH pubkey authentication at remote server

Hi Dan, Dan Purgert: > Stephan Beck wrote: >> Dan Purgert: >>> Mark Fletcher wrote: If I'm reading the above right, it looks like the server is offering an rsa key to authenticate itself, but won't accept rsa to authenticate the client. Which is a bit cheeky. >>> You may need

Re: Issues with SSH pubkey authentication at remote server

Hi Mark, Mark Fletcher: > On Mon, Sep 26, 2016 at 02:52:00PM +, Stephan Beck wrote: >> Hi Lisi, > >> If you look at the second line of the terminal output I reproduced, you >> find that the openssl component in use within the package openssh Debian >> Jessie is one step behind. "Standalone"

Re: Issues with SSH pubkey authentication at remote server

On Mon, Sep 26, 2016 at 02:52:00PM +, Stephan Beck wrote: > Hi Lisi, > If you look at the second line of the terminal output I reproduced, you > find that the openssl component in use within the package openssh Debian > Jessie is one step behind. "Standalone" OpenSSL package is now at >

Re: Issues with SSH pubkey authentication at remote server

Hi Lars, Lars Noodén: [...] > ssh-add -L > > It has to be run in the same shell as you would then run ssh. > > That will list the public key matching the private key which has > actually been loaded into the available agent. But that availability > might be the issue here, as with the

Re: Issues with SSH pubkey authentication at remote server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Stephan Beck wrote: > Dan Purgert: >> Mark Fletcher wrote: >>> If I'm reading the above right, it looks like the server is offering an >>> rsa key to authenticate itself, but won't accept rsa to authenticate the >>> client. Which is a bit cheeky. >>

Re: Issues with SSH pubkey authentication at remote server

On 09/26/2016 05:46 PM, Stephan Beck wrote: > ... it might > not be necessary to fire it up with eval $(ssh-agent). > Thanks for the command, makes it more easy. No problem. If you want to see which keys are available to ssh, you can use ssh-add for that: ssh-add -L It has to be run in

Re: Issues with SSH pubkey authentication at remote server

Hi Mark, Mark Fletcher: > On Mon, 26 Sep 2016 at 19:22, Stephan Beck wrote: > >> If I'm reading the above right, it looks like the server is offering an > rsa key to authenticate itself, but won't accept rsa to authenticate the > client. Which is a bit cheeky. > >

Re: Issues with SSH pubkey authentication at remote server

Hi Lisi, Lisi Reisz: > On Monday 26 September 2016 12:48:00 Stephan Beck wrote: >> Well, I better rephrase because that was a bit misleading! >> >> I pray for the OpenSSH package being patched >> soon in Jessie with respect to its OpenSSL component! > > Could you explain why "openssl

Re: Issues with SSH pubkey authentication at remote server

Hi Lars, Lars Noodén: > On 09/26/2016 01:18 PM, Stephan Beck wrote: >> ... >> Before establishing connection for the first time I did >> >> eval $(ssh-agent) >> PID >> ssh-add ~/.ssh/id_rsa >> >> But it seems that the ssh-agent does not really authenticates to the >> remote server and as a

Re: Issues with SSH pubkey authentication at remote server

Hi, Dan Purgert: > Mark Fletcher wrote: >> If I'm reading the above right, it looks like the server is offering an >> rsa key to authenticate itself, but won't accept rsa to authenticate the >> client. Which is a bit cheeky. > >> You may need a key created with a stronger method, such as ecdsa

Re: Issues with SSH pubkey authentication at remote server

On Monday 26 September 2016 12:48:00 Stephan Beck wrote: > Well, I better rephrase because that was a bit misleading! > > I pray for the OpenSSH package being patched > soon in Jessie with respect to its OpenSSL component! Could you explain why "openssl regression update" is not at least

Re: Issues with SSH pubkey authentication at remote server

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Mark Fletcher wrote: > If I'm reading the above right, it looks like the server is offering an > rsa key to authenticate itself, but won't accept rsa to authenticate the > client. Which is a bit cheeky. > > You may need a key created with a stronger

Re: Issues with SSH pubkey authentication at remote server

On 09/26/2016 01:18 PM, Stephan Beck wrote: > ... > Before establishing connection for the first time I did > > eval $(ssh-agent) > PID > ssh-add ~/.ssh/id_rsa > > But it seems that the ssh-agent does not really authenticates to the > remote server and as a fallback password auth is

Re: Issues with SSH pubkey authentication at remote server

Well, I better rephrase because that was a bit misleading! I pray for the OpenSSH package being patched soon in Jessie with respect to its OpenSSL component! Lisi Reisz: > On Monday 26 September 2016 11:18:00 Stephan Beck wrote: > [snip] >> NOTE: I pray for the OpenSSL version OpenSSH ships

Re: Issues with SSH pubkey authentication at remote server

On Monday 26 September 2016 11:18:00 Stephan Beck wrote: [snip] > NOTE: I pray for the OpenSSL version OpenSSH ships with being patched > soon in Jessie! Is this what you are meaning? https://lists.debian.org/msgid-search/e1bnwuv-000727...@master.debian.org Lisi

Re: Issues with SSH pubkey authentication at remote server

On Mon, 26 Sep 2016 at 19:22, Stephan Beck wrote: > Hi, > > I have successfully uploaded my SSH public key to the authorized_keys > file in ~/.ssh on the remote server using ssh-copy-id. I connected using > password authentication to check whether it really is the