[Bug 3615] Host Based Authentication is failing

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Sep 21 13:32:27 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3615

--- Comment #5 from Darren Tucker <dtucker at dtucker.net> ---
Comment on attachment 3731
  --> https://bugzilla.mindrot.org/attachment.cgi?id=3731
Requested debug/config information

[...]
>debug1: check_key_in_hostfiles: key for host basement-gentoo.krautclan.com not found
>debug1: temporarily_use_uid: 1000/1000 (e=0/0)
>debug1: load_hostkeys: fopen /home/rwk/.ssh/known_hosts2: No such file or directory
>debug1: restore_uid: 0/0
>debug1: check_key_in_hostfiles: key for host basement-gentoo.krautclan.com not found
>debug3: mm_answer_keyallowed: hostbased authentication test: RSA key is not allowed
>Failed hostbased for rwk from 192.168.1.17 port 47186 ssh2: RSA SHA256:SaZOSakVXi3jdv18gjAEF67qvHHkNmroGZQHpYanN/o, client user "rwk", client host "basement-gentoo.krautclan.com"

This looks like your problem: the server does not have the host key for
the client in any of its known_hosts files under the name
"basement-gentoo.krautclan.com".  If you want to use this for more than
one user you probably want to put it in the system-wide ssh_known_hosts
file.

[...]
>debug1: Authentications that can continue: publickey,password,hostbased
>debug3: start over, passed a different list publickey,password,hostbased
>debug3: preferred hostbased,publickey,keyboard-interactive,password

While you're testing you might want to add -o
PreferredAuthentications=hostbased to your ssh command line.  That will
stop it trying to use the other auth methods and make it easier to read
the debug output.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list