There is no 2.9.2.
2.9 and below has authorized_keys for RSAv1 and authorized_keys2 for RSAv2 and DSAv2 keys. 2.9.9 supports above, but the perfer method is putting RSAv1, RSAv2, and DSAv2 keys in authorized_keys. - Ben On Sat, 29 Sep 2001, Gonyou, Austin wrote: > What is the OpenSSH sub-version? 2.9.xp2? if it's 2.9.2p2, that should work, > but in the releases for 2.9.9, it states that everything now goes into > authorized_keys, and authorized_keys2 is "read-only". > > -- > Austin Gonyou > Systems Architect, CCNA > Coremetrics, Inc. > Phone: 512-796-9023 > email: [EMAIL PROTECTED] > > > -----Original Message----- > > From: Raj [mailto:[EMAIL PROTECTED]] > > Sent: Thursday, September 27, 2001 3:15 PM > > To: [EMAIL PROTECTED] > > Subject: Re: Can't get public keys to work > > > > > > Try renaming authorized_keys to authorized_keys2 (since > > you're using dsa - > > which is protocol 2). That should work. > > Also, I'm not sure if you're doing this ( I don't see it in > > your explanation, > > but I could have missed it): You need to copy authorized_keys (or > > authorized_keys2) from your local machine over to your remote > > machine and put > > it in the .ssh directory there. > > Cheers! > > > > > > George C Mccone wrote: > > > > > I have been trying to setup public keys for the past week > > with no success. > > > > > > Downloaded OpenSSH_2.9p2 and compiled on SPARC running solaris-2.6 > > > > > > All config files left as default for both client and server. > > > > > > My home account lives on a RAID that is mounted by all > > boxes in our lab. > > > I am trying to setup keys that will allow me to SSH,SCP, or > > SFTP to the > > > other boxes without using a password and have a connection > > that is more > > > secure than rlogin. > > > > > > The following is a terminal dump as I created the keys, > > installed them > > > (into the authorized_keys file) and then tried to ssh into a box. > > > I was not expecting the ssh connection to ask for a > > passphrase (since I > > > left the passphrase NULL when creating the keys) or a password. > > > > > > Script started on Thu Sep 27 18:39:53 200 > > > /home/gmccone/.ssh > > > eisws02% ssh-keygen -t dsa > > > Generating public/private dsa key pair. > > > Enter file in which to save the key (/home/gmccone/.ssh/id_dsa): > > > Enter passphrase (empty for no passphrase): > > > Enter same passphrase again: > > > Your identification has been saved in /home/gmccone/.ssh/id_dsa. > > > Your public key has been saved in /home/gmccone/.ssh/id_dsa.pub. > > > The key fingerprint is: > > > 5a:3b:a3:f2:fd:af:d2:f9:9b:4d:4f:f1:77:4d:f8:13 gmccone@eisws02 > > > eisws02% cat id_dsa.pub >> authorized_keys > > > eisws02% ls -l ~gmccone/.ssh > > > total 10 > > > -rw-r--r-- 1 gmccone mmsops1 605 Sep 27 18:41 > > authorized_keys > > > -rw------- 1 gmccone mmsops1 668 Sep 27 18:40 id_dsa > > > -rw-r--r-- 1 gmccone mmsops1 605 Sep 27 18:40 id_dsa.pub > > > -rw-r--r-- 1 gmccone mmsops1 232 Sep 27 18:28 known_hosts2 > > > -rw------- 1 gmccone mmsops1 1024 Sep 27 18:40 prng_seed > > > eisws02% chmod 700 authorized_keys > > > eisws02% ssh -v -2 eisws01 > > > OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f > > > debug1: Reading configuration data /usr/local/etc/ssh_config > > > debug1: Seeded RNG with 28 bytes from programs > > > debug1: Seeded RNG with 3 bytes from system calls > > > debug1: Rhosts Authentication disabled, originating port will not be > > > trusted. > > > debug1: restore_uid > > > debug1: ssh_connect: getuid 1008 geteuid 0 anon 1 > > > debug1: Connecting to eisws01 [198.118.214.91] port 22. > > > debug1: temporarily_use_uid: 1008/6005 (e=0) > > > debug1: restore_uid > > > debug1: temporarily_use_uid: 1008/6005 (e=0) > > > debug1: restore_uid > > > debug1: Connection established. > > > debug1: read PEM private key done: type DSA > > > debug1: read PEM private key done: type RSA > > > debug1: identity file /home/gmccone/.ssh/id_rsa type -1 > > > debug1: identity file /home/gmccone/.ssh/id_dsa type 2 > > > debug1: Remote protocol version 1.99, remote software > > version OpenSSH_2.9p2 > > > debug1: match: OpenSSH_2.9p2 pat ^OpenSSH > > > Enabling compatibility mode for protocol 2.0 > > > debug1: Local version string SSH-2.0-OpenSSH_2.9p2 > > > debug1: SSH2_MSG_KEXINIT sent > > > debug1: SSH2_MSG_KEXINIT received > > > debug1: kex: server->client aes128-cbc hmac-md5 none > > > debug1: kex: client->server aes128-cbc hmac-md5 none > > > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent > > > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > > > debug1: dh_gen_key: priv key bits set: 142/256 > > > debug1: bits set: 1018/2049 > > > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > > > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > > > debug1: Host 'eisws01' is known and matches the RSA host key. > > > debug1: Found key in /home/gmccone/.ssh/known_hosts2:1 > > > debug1: bits set: 999/2049 > > > debug1: ssh_rsa_verify: signature correct > > > debug1: kex_derive_keys > > > debug1: newkeys: mode 1 > > > debug1: SSH2_MSG_NEWKEYS sent > > > debug1: waiting for SSH2_MSG_NEWKEYS > > > debug1: newkeys: mode 0 > > > debug1: SSH2_MSG_NEWKEYS received > > > debug1: done: ssh_kex2. > > > debug1: send SSH2_MSG_SERVICE_REQUEST > > > debug1: service_accept: ssh-userauth > > > debug1: got SSH2_MSG_SERVICE_ACCEPT > > > debug1: authentications that can continue: > > > publickey,password,keyboard-interactive > > > debug1: next auth method to try is publickey > > > debug1: try privkey: /home/gmccone/.ssh/id_rsa > > > debug1: try pubkey: /home/gmccone/.ssh/id_dsa > > > debug1: authentications that can continue: > > > publickey,password,keyboard-interactive > > > debug1: next auth method to try is password > > > gmccone@eisws01's password: > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
