Re: gets "failed password" when scripts are ssh'ing into server, but when I manually ssh in it works fine???

[Venky Shankar]

script please.

Greg Hauptmann wrote:
> Hi guys,
>
> I'm stuck on this.   I can ssh my target prod server (call it server
> A), and from there ssh into my repo server (say server B) fine.   When
> I run some scripts that are accessing server B from server A via ssh
> however they get a a "failed password".  Any ideas?  What is the
> difference from server B's perspective how the ssh connection is being
> established?  Here's a tail of the secure.log from Server B for both
> cases.
>
> ---------- server B log when "manually ssh'ing in " -------------------
> Feb  6 15:23:18 Macintosh-2 com.apple.SecurityServer[21]: checkpw()
> succeeded, creating credential for user greg
> Feb  6 15:23:18 Macintosh-2 com.apple.SecurityServer[21]: checkpw()
> succeeded, creating shared credential for user greg
> Feb  6 15:23:18 Macintosh-2 com.apple.SecurityServer[21]: Succeeded
> authorizing right system.login.tty by client /usr/sbin/sshd for
> authorization created by /usr/sbin/sshd.
> Feb  6 15:23:18 Macintosh-2 sshd[2372]: Accepted
> keyboard-interactive/pam for greg from 10.1.1.1 port 49636 ssh2
>
> --------- server B log when scripts are trying to access ------------
> Feb  6 15:23:53 Macintosh-2 sshd[2414]: error: PAM: Authentication
> failure for greg from home.gregsdomainname.org
> Feb  6 15:23:53: --- last message repeated 2 times ---
> Feb  6 15:23:53 Macintosh-2 sshd[2414]: Failed password for greg from
> 10.1.1.1 port 50366 ssh2
>
> Not sure if it's significant, however I acutally trigger the scripts
> running on Server A from Server B itself.  Hence end-to-end it is:
>
>   Server A (run capistrano init) ==ssh==> Sever B (run scripts)
> ====ssh===>Server A
>
> Server B ssh config  (/etc/ssh_config)
> =========================
> Macintosh-2:etc greg$ cat /etc/ssh_config
> # Host *
> #   ForwardAgent no
> #   ForwardX11 no
> #   RhostsRSAAuthentication no
> #   RSAAuthentication yes
> PasswordAuthentication yes
> #   HostbasedAuthentication no
> #   GSSAPIAuthentication yes
> #   GSSAPIDelegateCredentials no
> #   GSSAPIKeyExchange yes
> #   GSSAPITrustDNS no
> #   BatchMode no
> #   CheckHostIP yes
> #   AddressFamily any
> #   ConnectTimeout 0
> #   StrictHostKeyChecking ask
> #   IdentityFile ~/.ssh/identity
> #   IdentityFile ~/.ssh/id_rsa
> #   IdentityFile ~/.ssh/id_dsa
> #   Port 22
> #   Protocol 2,1
> #   Cipher 3des
> #   Ciphers 
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
> #   EscapeChar ~
> #   Tunnel no
> #   TunnelDevice any:any
> #   PermitLocalCommand no
>
>
>
>
> Thanks
>
>