We are trying to get the publickey authentication to work between an AIX (4.3.3) host and OpenBSD (2.9) host. We can successfully connect using password authentication so the network connections seems to be ok. I think I have the correct files set up in the $HOME/.ssh directory on the AIX host and the OpenBSD host.
AIX host: -rw-r--r-- 1 xyzxyz system 1081 Oct 25 12:37 config -rw------- 1 xyzxyz system 736 Oct 19 13:40 id_dsa -rw-r--r-- 1 xyzxyz system 625 Oct 19 13:40 id_dsa.pub -rw------- 1 xyzxyz system 951 Oct 19 13:40 id_rsa -rw-r--r-- 1 xyzxyz system 245 Oct 19 13:40 id_rsa.pub -rw------- 1 xyzxyz system 550 Oct 19 13:39 identity -rw-r--r-- 1 xyzxyz system 354 Oct 19 13:39 identity.pub -rw-r--r-- 1 xyzxyz system 627 Oct 19 09:21 known_hosts -rw-r--r-- 1 xyzxyz system 1351 Oct 19 13:41 ssh_keygen_output OpenBSD host: -rw-r----- 1 xyzxyz xyzxyz 870 Oct 25 09:12 authorized_keys -rw-r----- 1 xyzxyz xyzxyz 870 Oct 25 10:56 authorized_keys2 -rw-r----- 1 xyzxyz xyzxyz 625 Oct 19 15:02 id_dsa.pub -rw-r----- 1 xyzxyz xyzxyz 245 Oct 19 15:02 id_rsa.pub Non-comment lines from AIX 'config' file: IdentityFile ~/.ssh/id_dsa IdentityFile ~/.ssh/id_rsa When I run 'ssh -vvv user@host', I get the output below. I have done a search on the 'No RSA1 key' and found a suggestion to copy the public key files from the AIX host to the BSD host and run ssh-keygen specifying the public key file as input to create authorized_keys2. When I do that, I get 'uudecode failed'. I have run out of stuff to try. Anybody got any ideas? TIA OpenSSH_2.9.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f debug1: Reading configuration data /opt/gnu/etc/ssh_config debug1: Reading configuration data /home/xyzxyz/.ssh/config debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: restore_uid debug1: ssh_connect: getuid 7 geteuid 0 anon 1 debug1: Connecting to mhmrssh.mhmr.state.tx.us [163.126.64.7] port 22. debug1: temporarily_use_uid: 7/0 (e=0) debug1: restore_uid debug1: temporarily_use_uid: 7/0 (e=0) debug1: restore_uid debug1: Connection established. debug1: read PEM private key done: type DSA debug1: read PEM private key done: type RSA debug3: No RSA1 key file /home/xyzxyz/.ssh/id_dsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: no key found debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: no key found debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: no key found debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: no key found debug1: identity file /home/xyzxyz/.ssh/id_dsa type 2 debug3: No RSA1 key file /home/xyzxyz/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: no key found debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: no key found debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: no key found debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug3: key_read: no space debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: no key found debug1: identity file /home/xyzxyz/.ssh/id_rsa type 1 debug1: Remote protocol version 2.0, remote software version 3.0.1 SSH Secure Shell (non-commercial) debug1: match: 3.0.1 SSH Secure Shell (non-commercial) pat ^3\.0\. Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_2.9.9p2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r ijndael128-cbc,rijndael192-cbc,rijndael 256-cbc,[EMAIL PROTECTED] debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,r ijndael128-cbc,rijndael192-cbc,rijndael 256-cbc,[EMAIL PROTECTED] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hm ac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hm ac-md5-96 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,twofish128-cbc,twofish-cbc,arcfour,cast128- cbc,aes192-cbc,aes256-cbc,twofish192-cb c,twofish256-cbc debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,twofish128-cbc,twofish-cbc,arcfour,cast128- cbc,aes192-cbc,aes256-cbc,twofish192-cb c,twofish256-cbc debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,none debug2: kex_parse_kexinit: hmac-sha1,hmac-sha1-96,hmac-md5,hmac-md5-96,none debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: dh_gen_key: priv key bits set: 129/256 debug1: bits set: 512/1024 debug1: sending SSH2_MSG_KEXDH_INIT debug1: expecting SSH2_MSG_KEXDH_REPLY debug3: check_host_in_hostfile: filename /home/xyzxyz/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug3: check_host_in_hostfile: filename /home/xyzxyz/.ssh/known_hosts debug3: check_host_in_hostfile: match line 1 debug1: Host 'mhmrssh.mhmr.state.tx.us' is known and matches the DSA host key. debug1: Found key in /home/xyzxyz/.ssh/known_hosts:1 debug1: bits set: 521/1024 debug1: ssh_dss_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: service_accept: ssh-userauth debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: next auth method to try is publickey debug1: try pubkey: /home/xyzxyz/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: authentications that can continue: publickey,password debug1: try pubkey: /home/xyzxyz/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: authentications that can continue: publickey,password debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: next auth method to try is password debug2: packet_inject_ignore: current 66 debug2: packet_inject_ignore: block 16 have 5 nb 4 mini 1 need 3 debug2: we sent a password packet, wait for reply debug1: ssh-userauth2 successful: method password ==================================================== Kent Wick, TxMHMR, Unix/Network Systems Programmer Email: [EMAIL PROTECTED] Phone: (512) 206-5931 Fax: (512) 206-4838 Snail mail: PO Box 12668, Austin, Tx 78711-2668 --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
