-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi,

I've gone through and compared your ssh debug info with mine.

It looks like your '/etc/ssh/ssh_config' is different than
mine. I added the following to the end of the file when I built
vcl:

> IdentityFile /opt/vcl/etc/vcl/vcl.key
> StrictHostKeyChecking no


I think this reflects the problem. You get:
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /root/.ssh/identity ((nil))
> debug2: key: /root/.ssh/id_rsa ((nil))
> debug2: key: /root/.ssh/id_dsa ((nil))
> debug1: Authentications that can continue: publickey,keyboard-interactive

I get
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /opt/vcl/etc/vcl/vcl.key (0x2ad12fbccc30)
> debug1: Authentications that can continue: publickey,keyboard-interactive


Also, where you get
> Warning: Permanently added '144.38.205.252' (RSA) to the list of known

I get
> debug1: Host 'vclvm010511' is known and matches the RSA host key.
> debug1: Found key in /root/.ssh/known_hosts:856


Here's where it really diverges. You have
> debug1: Next authentication method: publickey
> debug1: Trying private key: /root/.ssh/identity
> debug3: no such identity: /root/.ssh/identity
> debug1: Trying private key: /root/.ssh/id_rsa
> debug3: no such identity: /root/.ssh/id_rsa
> debug1: Trying private key: /root/.ssh/id_dsa
> debug3: no such identity: /root/.ssh/id_dsa
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup keyboard-interactive
> debug3: remaining preferred: password
> debug3: authmethod_is_enabled keyboard-interactive
> debug1: Next authentication method: keyboard-interactive
> debug2: userauth_kbdint
> debug2: we sent a keyboard-interactive packet, wait for reply
> debug1: Authentications that can continue: publickey,keyboard-interactive
> debug3: userauth_kbdint: disable: no info_req_seen
> debug2: we did not send a packet, disable method
> debug1: No more authentication methods to try.

I have
> debug1: Next authentication method: publickey
> debug1: Offering public key: /opt/vcl/etc/vcl/vcl.key
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: Server accepts key: pkalg ssh-rsa blen 149



Hope this helps,

__Jim




On 3/8/2011 12:22 PM, Tyler Hardesty wrote:
> This is what I get when I do ssh -vvv.... it says connection established
> towards the beginning but I can't make heads or tails of the rest of
> it... P.S. I started over with cygwin on the vm (deleted and
> reinstalled) but still get the same warning message that vm2 isn't
> responding to ssh when I do a vcld -setup.
> 
> output:
> [root@vcl ~]# ssh -vvv 144.38.205.252
> OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
> debug1: Reading configuration data /root/.ssh/config
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to 144.38.205.252 [144.38.205.252] port 22.
> debug1: Connection established.
> debug1: permanently_set_uid: 0/0
> debug1: identity file /root/.ssh/identity type -1
> debug1: identity file /root/.ssh/id_rsa type -1
> debug1: identity file /root/.ssh/id_dsa type -1
> debug1: loaded 3 keys
> debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
> debug1: match: OpenSSH_5.1 pat OpenSSH*
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_4.3
> debug2: fd 3 setting O_NONBLOCK
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se
> <mailto:rijndael-...@lysator.liu.se>,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se
> <mailto:rijndael-...@lysator.liu.se>,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd...@openssh.com
> <mailto:hmac-ripemd...@openssh.com>,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd...@openssh.com
> <mailto:hmac-ripemd...@openssh.com>,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,z...@openssh.com
> <mailto:z...@openssh.com>,zlib
> debug2: kex_parse_kexinit: none,z...@openssh.com
> <mailto:z...@openssh.com>,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se
> <mailto:rijndael-...@lysator.liu.se>,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-...@lysator.liu.se
> <mailto:rijndael-...@lysator.liu.se>,aes128-ctr,aes192-ctr,aes256-ctr
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com
> <mailto:umac...@openssh.com>,hmac-ripemd160,hmac-ripemd...@openssh.com
> <mailto:hmac-ripemd...@openssh.com>,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac...@openssh.com
> <mailto:umac...@openssh.com>,hmac-ripemd160,hmac-ripemd...@openssh.com
> <mailto:hmac-ripemd...@openssh.com>,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_init: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_init: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug2: dh_gen_key: priv key bits set: 124/256
> debug2: bits set: 497/1024
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug3: check_host_in_hostfile: filename /dev/null
> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
> Warning: Permanently added '144.38.205.252' (RSA) to the list of known
> hosts.
> debug2: bits set: 502/1024
> debug1: ssh_rsa_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /root/.ssh/identity ((nil))
> debug2: key: /root/.ssh/id_rsa ((nil))
> debug2: key: /root/.ssh/id_dsa ((nil))
> debug1: Authentications that can continue: publickey,keyboard-interactive
> debug3: start over, passed a different list publickey,keyboard-interactive
> debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Trying private key: /root/.ssh/identity
> debug3: no such identity: /root/.ssh/identity
> debug1: Trying private key: /root/.ssh/id_rsa
> debug3: no such identity: /root/.ssh/id_rsa
> debug1: Trying private key: /root/.ssh/id_dsa
> debug3: no such identity: /root/.ssh/id_dsa
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup keyboard-interactive
> debug3: remaining preferred: password
> debug3: authmethod_is_enabled keyboard-interactive
> debug1: Next authentication method: keyboard-interactive
> debug2: userauth_kbdint
> debug2: we sent a keyboard-interactive packet, wait for reply
> debug1: Authentications that can continue: publickey,keyboard-interactive
> debug3: userauth_kbdint: disable: no info_req_seen
> debug2: we did not send a packet, disable method
> debug1: No more authentication methods to try.
> Permission denied (publickey,keyboard-interactive).
> 
> 
> On Mon, Mar 7, 2011 at 5:55 PM, James O'Dell <jod...@fullerton.edu
> <mailto:jod...@fullerton.edu>> wrote:
> 
> It really looks like your keys are incorrect.
> 
> try "ssh -vvv XXX.XXX.XXX.XXX", ssh will output debugging messages,
> and you should be able to see why you're getting permission denied
> 
> __Jim
> 
> On 3/7/2011 4:48 PM, Tyler Hardesty wrote:
>> Sorry, additional info---
>> when I do:
>> [root@vcl ~]# ssh -o CheckHostIP=no -o StrictHostKeyChecking=no -o
>> BatchMode=no -i /etc/vcl/vcl.key xxx.xx.xxx.xxx
> 
>> It ssh's into the machine just fine.
> 
>> On Mon, Mar 7, 2011 at 5:41 PM, Tyler Hardesty
> <tharde...@gmail.com <mailto:tharde...@gmail.com>
>> <mailto:tharde...@gmail.com <mailto:tharde...@gmail.com>>> wrote:
> 
>>     I've been trying to search through the mail archive but haven't
>>     found a solution to my problem... sorry if this was already
> covered
>>     and I just didn't find it...
>>     I'm trying to capture an image of a win xp vm and I get this error
>>     in the log file:
>>     |16224|3:3|image| ---- WARNING ----
>>     |16224|3:3|image| 2011-03-07
>>     17:18:36|16224|3:3|image|VMware.pm:capture(462)|unable to capture
>>     image, VM vm2 is not responding to SSH
>>     |16224|3:3|image| ( 0) VMware.pm, capture (line: 462)
>>     |16224|3:3|image| (-1) image.pm <http://image.pm>
> <http://image.pm>, process (line: 165)
>>     |16224|3:3|image| (-2) vcld, make_new_child (line: 568)
>>     |16224|3:3|image| (-3) vcld, main (line: 346)
>>     |16224|3:3|image| ---- WARNING ----
>>     |16224|3:3|image| 2011-03-07
> 
> 17:18:36|16224|3:3|image|image.pm:process(169)|vmwarewinxp-windowsxp7-v0
>>     image failed to be captured by provisioning module
>>     |16224|3:3|image| ( 0) image.pm <http://image.pm>
> <http://image.pm>, process (line: 169)
>>     |16224|3:3|image| (-1) vcld, make_new_child (line: 568)
>>     |16224|3:3|image| (-2) vcld, main (line: 346)
>>     2011-03-07
> 
> 17:18:36|16224|3:3|image|DataStructure.pm:get_computer_private_ip_address(1582)|attempting
>>     to retrieve private IP address for computer: vm2
>>     2011-03-07
> 
> 17:18:36|16224|3:3|image|DataStructure.pm:get_computer_private_ip_address(1586)|retrieved
>>     contents of /etc/hosts on this management node, contains 7 lines
>>     2011-03-07
> 
> 17:18:36|16224|3:3|image|DataStructure.pm:get_computer_private_ip_address(1639)|returning
>>     IP address from /etc/hosts file: 192.168.1.1
>>     2011-03-07
>>     17:18:36|16224|3:3|image|utils.pm:is_inblockrequest(6147)|zero
> rows
>>     were returned from database select
>>     2011-03-07
> 
> 17:18:36|16224|3:3|image|DataStructure.pm:get_image_affiliation_name(2029)|image
>>     owner id: 1
>>     2011-03-07
>>     17:18:36|16224|3:3|image|utils.pm:getnewdbh(2709)|database
> requested
>>     (information_schema) does not match handle stored in $ENV{dbh}
>>     (vcl:127.0.0.1)
>>     2011-03-07
>>     17:18:36|16224|3:3|image|utils.pm:getnewdbh(2760)|database handle
>>     stored in $ENV{dbh}
>>     2011-03-07
> 
> 17:18:36|16224|3:3|image|DataStructure.pm:retrieve_user_data(1353)|attempting
>>     to retrieve and store data for user: user.id <http://user.id>
> <http://user.id> = '1'
>>     2011-03-07
>>     17:18:36|16224|3:3|image|utils.pm:getnewdbh(2709)|database
> requested
>>     (vcl) does not match handle stored in $ENV{dbh}
>>     (information_schema:127.0.0.1)
>>     2011-03-07
>>     17:18:36|16224|3:3|image|utils.pm:getnewdbh(2760)|database handle
>>     stored in $ENV{dbh}
>>     2011-03-07
> 
> 17:18:36|16224|3:3|image|DataStructure.pm:retrieve_user_data(1416)|data
>>     has been retrieved for user: admin (id: 1)
>>     2011-03-07 17:18:36|16224|3:3|image|utils.pm:mail(1268)|SUCCESS --
>>     Sending mail To: tharde...@tylerhardesty.info
> <mailto:tharde...@tylerhardesty.info>
>>     <mailto:tharde...@tylerhardesty.info
> <mailto:tharde...@tylerhardesty.info>>, PROBLEM --
> 3:3|image|image.pm <http://image.pm>
>>     <http://image.pm>|vm2>localvmhost|vmwarewinxp-windowsxp7-v0|admin
>>     |16224|3:3|image| ---- CRITICAL ----
>>     |16224|3:3|image| 2011-03-07
> 
> 17:18:36|16224|3:3|image|image.pm:reservation_failed(393)|vmwarewinxp-windowsxp7-v0
>>     image creation failed
>>     |16224|3:3|image| ( 0) image.pm <http://image.pm>
> <http://image.pm>,
>>     reservation_failed (line: 393)
>>     |16224|3:3|image| (-1) image.pm <http://image.pm>
> <http://image.pm>, process (line: 170)
>>     |16224|3:3|image| (-2) vcld, make_new_child (line: 568)
>>     |16224|3:3|image| (-3) vcld, main (line: 346)
> 
>>     I've run the cygwin on the win xp vm and it was successfull...
>>     copying and pasting that command it shows at the end of the setup
>>     allowed me to ssh into it without having to put in a passwd or
>>     whatever so then I tried to ssh to it from my management node
> and I get:
>>     [thardesty@vcl ~]$ ssh xxx.xx.xxx.xxx
>>     Warning: Permanently added 'xxx.xx.xxx.xxx' (RSA) to the list of
>>     known hosts.
>>     Permission denied (publickey,keyboard-interactive).
> 
>>     I can't seem to find what I am doing wrong so any help would
> be great!!
> 
>>     -Tyler Hardesty
> 
> 
> 
> 

- -- 
Jim O'Dell
Network Analyst
California State University Fullerton
Email: jod...@fullerton.edu
Phone: (657) 278-2256
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk12mPMACgkQREVHAOnXPYRVpACgjkSEs7ANyrVvDcdlyA5kfnxJ
VpgAoNXXcNHzg0Bhdn6hzK5fyL0Qpv59
=PVpv
-----END PGP SIGNATURE-----

Reply via email to