Problem in RSA Key authentication

kannappan kannappan at tesbv.com
Mon Jun 9 23:57:16 EST 2008 

Hello Damien,

I am using OpenSSH-5.0 on my ARM board.  I want to perform RSA
authentication, but server is not accepting the key generated by the
client. I have copied the authorized_keys in the "$HOME/.ssh/" folder
and provided permission (755) to that folder.  Please help me how to
solve this problem.

Following is the log from the client

OpenSSH_4.3p2, OpenSSL 0.9.8b 04 May 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 10.20.0.183 [10.20.0.183] port 22.
debug1: Connection established.
debug1: identity file /home/jac/.ssh/identity type -1
debug1: identity file /home/jac/.ssh/id_rsa type 1
debug1: identity file /home/jac/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.0
debug1: match: OpenSSH_5.0 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '10.20.0.183' is known and matches the RSA host key.
debug1: Found key in /home/jac/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/jac/.ssh/identity
debug1: Offering public key: /home/jac/.ssh/id_rsa
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Trying private key: /home/jac/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: password
root at 10.20.0.183's password:

~Kans.

-----Original Message-----
From: openssh-unix-dev-bounces+kannappan=tesbv.com at mindrot.org
[mailto:openssh-unix-dev-bounces+kannappan=tesbv.com at mindrot.org] On
Behalf Of openssh-unix-dev-request at mindrot.org
Sent: Saturday, May 10, 2008 2:16 AM
To: openssh-unix-dev at mindrot.org
Subject: openssh-unix-dev Digest, Vol 61, Issue 4

Send openssh-unix-dev mailing list submissions to
	openssh-unix-dev at mindrot.org

To subscribe or unsubscribe via the World Wide Web, visit
	https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
or, via email, send a message with subject or body 'help' to
	openssh-unix-dev-request at mindrot.org

You can reach the person managing the list at
	openssh-unix-dev-owner at mindrot.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of openssh-unix-dev digest..."


Today's Topics:

   1. ssh works, but sftp doesn't (kannappan)
   2. Re: ssh works, but sftp doesn't (Damien Miller)
   3. RE: ssh works, but sftp doesn't (kannappan)
   4. RE: ssh works, but sftp doesn't (Damien Miller)
   5. RE: ssh works, but sftp doesn't (kannappan)
   6. RE: ssh works, but sftp doesn't (Damien Miller)
   7. Re: Request for generic engine support (Daniel Kahn Gillmor)


----------------------------------------------------------------------

Message: 1
Date: Fri, 9 May 2008 14:52:47 +0530
From: "kannappan" <kannappan at tesbv.com>
Subject: ssh works, but sftp doesn't
To: <openssh-unix-dev at mindrot.org>
Message-ID: <005b01c8b1b6$42138980$8200140a at Kanslaptop>
Content-Type: text/plain; charset="us-ascii"

Hello All,

I have built the OpenSSH provided with the "buildroot" package for ARM
board. OpenSSH version is openssh-4.7p1. 

After starting the SSHD, I am able to ssh to my ARM board, from my PC,
but SFTP fails.

Attached is the log I got from the daemon.  Any help is appreciated.

Thanks,
Kans.
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: sshlog.txt
Url:
http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080509
/6a63ae2a/attachment-0001.txt 

------------------------------

Message: 2
Date: Fri, 9 May 2008 19:55:20 +1000 (EST)
From: Damien Miller <djm at mindrot.org>
Subject: Re: ssh works, but sftp doesn't
To: kannappan <kannappan at tesbv.com>
Cc: openssh-unix-dev at mindrot.org
Message-ID: <alpine.BSO.1.00.0805091953370.26137 at fuyu.mindrot.org>
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Fri, 9 May 2008, kannappan wrote:

> Hello All,
> 
> I have built the OpenSSH provided with the "buildroot" package for ARM
> board. OpenSSH version is openssh-4.7p1. 
> 
> After starting the SSHD, I am able to ssh to my ARM board, from my PC,
> but SFTP fails.
> 
> Attached is the log I got from the daemon.  Any help is appreciated.

For some reason your sftp-server is exiting immediately. Check that
/usr/sbin/sftp-server exists, is executable and doesn't crash
when executed.

For a better test of sftp-server, you can run it directly from
sftp: "sftp -P /usr/sbin/sftp-server blah"

-d


------------------------------

Message: 3
Date: Fri, 9 May 2008 17:51:18 +0530
From: "kannappan" <kannappan at tesbv.com>
Subject: RE: ssh works, but sftp doesn't
To: <openssh-unix-dev at mindrot.org>,	"'Damien Miller'"
	<djm at mindrot.org>
Message-ID: <006501c8b1cf$321dcea0$8200140a at Kanslaptop>
Content-Type: text/plain;	charset="us-ascii"

Hi Damien,

It seems that sftp-server is working.

I have performed the following:

[root at 10 opt]# sftp -P /usr/sbin/sftp-server 10.20.0.183
Attaching to /usr/sbin/sftp-server...
sftp> ls

Please suggest me some other options.

Thanks,

Kans.

-----Original Message-----
From: Damien Miller [mailto:djm at mindrot.org] 
Sent: Friday, May 09, 2008 3:25 PM
To: kannappan
Cc: openssh-unix-dev at mindrot.org
Subject: Re: ssh works, but sftp doesn't

On Fri, 9 May 2008, kannappan wrote:

> Hello All,
> 
> I have built the OpenSSH provided with the "buildroot" package for ARM
> board. OpenSSH version is openssh-4.7p1. 
> 
> After starting the SSHD, I am able to ssh to my ARM board, from my PC,
> but SFTP fails.
> 
> Attached is the log I got from the daemon.  Any help is appreciated.

For some reason your sftp-server is exiting immediately. Check that
/usr/sbin/sftp-server exists, is executable and doesn't crash
when executed.

For a better test of sftp-server, you can run it directly from
sftp: "sftp -P /usr/sbin/sftp-server blah"

-d




------------------------------

Message: 4
Date: Fri, 9 May 2008 22:58:01 +1000 (EST)
From: Damien Miller <djm at mindrot.org>
Subject: RE: ssh works, but sftp doesn't
To: kannappan <kannappan at tesbv.com>
Cc: openssh-unix-dev at mindrot.org
Message-ID: <alpine.BSO.1.00.0805092257410.26137 at fuyu.mindrot.org>
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Fri, 9 May 2008, kannappan wrote:

> Hi Damien,
> 
> It seems that sftp-server is working.
> 
> I have performed the following:
> 
> [root at 10 opt]# sftp -P /usr/sbin/sftp-server 10.20.0.183
> Attaching to /usr/sbin/sftp-server...
> sftp> ls
> 
> Please suggest me some other options.

Can it be executed by whichever user you are logging in as? 

-d


------------------------------

Message: 5
Date: Fri, 9 May 2008 18:45:37 +0530
From: "kannappan" <kannappan at tesbv.com>
Subject: RE: ssh works, but sftp doesn't
To: <openssh-unix-dev at mindrot.org>,	"'Damien Miller'"
	<djm at mindrot.org>
Message-ID: <006d01c8b1d6$c8a2a880$8200140a at Kanslaptop>
Content-Type: text/plain;	charset="us-ascii"

Hi Damien,

Yeap. I am able to execute that command(sftp -P /usr/sbin/sftp-server
10.20.0.183) for any users.

Regards,
Kans.

-----Original Message-----
From: Damien Miller [mailto:djm at mindrot.org] 
Sent: Friday, May 09, 2008 6:28 PM
To: kannappan
Cc: openssh-unix-dev at mindrot.org
Subject: RE: ssh works, but sftp doesn't

On Fri, 9 May 2008, kannappan wrote:

> Hi Damien,
> 
> It seems that sftp-server is working.
> 
> I have performed the following:
> 
> [root at 10 opt]# sftp -P /usr/sbin/sftp-server 10.20.0.183
> Attaching to /usr/sbin/sftp-server...
> sftp> ls
> 
> Please suggest me some other options.

Can it be executed by whichever user you are logging in as? 

-d




------------------------------

Message: 6
Date: Sat, 10 May 2008 00:13:11 +1000 (EST)
From: Damien Miller <djm at mindrot.org>
Subject: RE: ssh works, but sftp doesn't
To: kannappan <kannappan at tesbv.com>
Cc: openssh-unix-dev at mindrot.org
Message-ID: <alpine.BSO.1.00.0805100008510.26137 at fuyu.mindrot.org>
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Fri, 9 May 2008, kannappan wrote:

> Hi Damien,
> 
> Yeap. I am able to execute that command(sftp -P /usr/sbin/sftp-server
> 10.20.0.183) for any users.

Sorry, I don't have any idea what is going wrong. Some more things
for you to try:

1. Run sftp server directly from a ssh client, what happends?
   ssh yourhost /usr/sbin/sftp-server

2. Change the SubSystem declaration in the server to point to a 
   different program instead of /usr/sbin/sftp-server and repeat
   test #1 - does this work?

3. Rebuild OpenSSH from pristine sources (making sure you are using the
   latest version - 5.0). Does this help?

4. Rebuild sftp-server and insert a sleep() call at the start so you
   can attach a debugger to it. 

5. Try the new sshd_config "internal-sftp" subsystem (in openssh-5.0).

-d


------------------------------

Message: 7
Date: Fri, 09 May 2008 16:46:03 -0400
From: Daniel Kahn Gillmor <dkg-openssh.com at fifthhorseman.net>
Subject: Re: Request for generic engine support
To: "openssh-unix-dev\@mindrot.org" <openssh-unix-dev at mindrot.org>
Message-ID: <87prrv1a0k.fsf at squeak.fifthhorseman.net>
Content-Type: text/plain; charset="us-ascii"

A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
Url :
http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20080509
/7941dead/attachment.bin 

------------------------------

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev at mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


End of openssh-unix-dev Digest, Vol 61, Issue 4
***********************************************

More information about the openssh-unix-dev mailing list