"AllowGroups wheel users" Did u try adding the user created by you in wheel group?
(ie) /etc/group file On 5/28/06, Eni <[EMAIL PROTECTED]> wrote: > Hi, > > thanks for answering me :) > > My /etc/ssh/sshd_config looks currently like this: > --- > Port 5583 > Protocol 2 > AllowUsers admin user > AddressFamily inet > PasswordAuthentication no > ChallengeResponseAuthentication no > Subsystem sftp /usr/lib/misc/sftp-server > AllowGroups wheel users > LoginGraceTime 20 > PermitEmptyPasswords no > PermitRootLogin no > X11Forwarding no > PrintLastLog yes > HostbasedAuthentication no > -- > > After your email I've set "PubkeyAuthentication yes" to, but it don't > change the problem or the error messages :( > > uhm, that sshd_config is a backup from my old server-system and there > ssh had work very well. > > Greets, > Eni > > Dony Pierre wrote: > > Can you verify if you have set PubkeyAuthentication yes in your > > /etc/ssh/sshd-config on your ssh server. > > > > Regards. > > Pierre. > > > > > > -----Original Message----- > > From: Eni [mailto:[EMAIL PROTECTED] > > Sent: samedi 27 mai 2006 0:49 > > To: [email protected] > > Subject: permission denied (publickey) > > > > Hi, > > > > please, excuse my terrible english, but can anyone help? > > I re-installed my server with Gentoo Linux and after that i get this: > > > > --- > > $ ssh [EMAIL PROTECTED] > > permission denied (publickey). > > --- > > > > /var/log/auth.log says: > > --- > > sshd[8159]: User 'username' from 'domain' not allowed because not listed in > > AllowUsers > > --- > > > > But the user is listed in /etc/ssh/sshd_config at "AllowUsers" for sure! > > > > > > ---debug--- > > > > $ ssh -vv -2 -l [EMAIL PROTECTED] -p 5583 > > OpenSSH_4.3p2, OpenSSL 0.9.7i 14 Oct 2005 > > debug1: Reading configuration data /etc/ssh/ssh_config > > debug2: ssh_connect: needpriv 0 > > debug1: Connecting to 'IP' ['IP'] port 5583. > > debug1: Connection established. > > debug1: identity file /home/'localuser'/.ssh/id_rsa type -1 > > debug1: identity file /home/'localuser'/.ssh/id_dsa type -1 > > debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 > > debug1: match: OpenSSH_4.3 pat OpenSSH* > > debug1: Enabling compatibility mode for protocol 2.0 > > debug1: Local version string SSH-2.0-OpenSSH_4.3 > > debug2: fd 3 setting O_NONBLOCK > > debug1: SSH2_MSG_KEXINIT sent > > debug1: SSH2_MSG_KEXINIT received > > debug2: kex_parse_kexinit: > > diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 > > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > > debug2: kex_parse_kexinit: > > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL > > PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL > > PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > > debug2: kex_parse_kexinit: none,[EMAIL PROTECTED],zlib > > debug2: kex_parse_kexinit: none,[EMAIL PROTECTED],zlib > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: first_kex_follows 0 > > debug2: kex_parse_kexinit: reserved 0 > > debug2: kex_parse_kexinit: > > diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 > > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss > > debug2: kex_parse_kexinit: > > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL > > PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > > aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL > > PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > > debug2: kex_parse_kexinit: > > hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL PROTECTED],hmac-sha1-96,hmac-md5-96 > > debug2: kex_parse_kexinit: none,[EMAIL PROTECTED] > > debug2: kex_parse_kexinit: none,[EMAIL PROTECTED] > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: > > debug2: kex_parse_kexinit: first_kex_follows 0 > > debug2: kex_parse_kexinit: reserved 0 > > debug2: mac_init: found hmac-md5 > > debug1: kex: server->client aes128-cbc hmac-md5 none > > debug2: mac_init: found hmac-md5 > > debug1: kex: client->server aes128-cbc hmac-md5 none > > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > > debug2: dh_gen_key: priv key bits set: 144/256 > > debug2: bits set: 482/1024 > > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > > debug1: Host 'IP' is known and matches the RSA host key. > > debug1: Found key in /home/localuser/.ssh/known_hosts:3 > > debug2: bits set: 502/1024 > > debug1: ssh_rsa_verify: signature correct > > debug2: kex_derive_keys > > debug2: set_newkeys: mode 1 > > debug1: SSH2_MSG_NEWKEYS sent > > debug1: expecting SSH2_MSG_NEWKEYS > > debug2: set_newkeys: mode 0 > > debug1: SSH2_MSG_NEWKEYS received > > debug1: SSH2_MSG_SERVICE_REQUEST sent > > debug2: service_accept: ssh-userauth > > debug1: SSH2_MSG_SERVICE_ACCEPT received > > debug2: key: /home/localuser/.ssh/id_rsa ((nil)) > > debug2: key: /home/localuser/.ssh/id_dsa ((nil)) > > debug1: Authentications that can continue: publickey > > debug1: Next authentication method: publickey > > debug1: Trying private key: /home/localuser/.ssh/id_rsa > > debug1: Trying private key: /home/localuser/.ssh/id_dsa > > debug2: we did not send a packet, disable method > > debug1: No more authentication methods to try. > > Permission denied (publickey). > > > > ---debug end--- > > > > I generated the Keys with: > > --- > > "ssh-keygen -b 2048 -t rsa -f ${HOME}/.ssh/user_server" > > --- > > > > Then copied it to the remote server to > > /home/user/.ssh/authorized_keys > > and set chmod 600 to authorized_keys. > > > > I can't find the problem, please help. > > > > Thanks in advance, > > Eni (Denise Paschen) > > > > -- > > <<< Gentoo Linux | Fluxbox >>> > > _ _ > > ( )_( ) Sorry, I'm Late. > > (° °) But I Got Lost On The Road Of Life. > > >°< http://www.gothic-family.net/eni > > > > > > > > ----------------------------------------- > > Visit our website! http://www.nbb.be > > > > "DISCLAIMER: The content of this e-mail message should not be > > construed as binding on the part of the National Bank of Belgium > > (NBB) unless otherwise and previously stated. The opinions > > expressed in this message are solely those of the author and do not > > necessarily reflect NBB viewpoints, particularly when the content > > of this message, or part thereof, is private by nature or does not > > fall within the professional scope of its author." > > > > > > > -- > <<< Gentoo Linux | Fluxbox >>> > _ _ > ( )_( ) Sorry, I'm Late. > (° °) But I Got Lost On The Road Of Life. > >°< http://www.gothic-family.net/eni > > >
