Hi folks, hope everything is ok with you guys!
I am trying via bash script reach a sftp server in order to download some files and then load them into a table. Simple as that!
I followed every step described on setting-up-sftp-public-key-authentication and I think I did all ok.
I did created the public/private rsa files (without passphrase)
I did the copy of id_rsa.pub on server side as authorized_keys
I setup the permissions (700) according to the steps mentioned in the link above
At the first moment, everything worked fine and when I tried run, for example, the command sftp /usr/ls.command user#host.xxx.com I got the expected result, that is, the ls command ran without asking me the password.
but now, when I am trying to run the same command, I get the following result:
Permission denied (publickey,password). Couldn't read packet:
Connection reset by peer
I already recreated the public/private, copy the public key to the server side and set up the permission, but it is not working.
here the ls on local side
root#server:~/.ssh> ls -lrt /root/.ssh/
total 12
-r-------- 1 root root 3538 Feb 7 09:54 known_hosts
-rw------- 1 root root 397 Jun 28 08:59 id_rsa.pub
-rw------- 1 root root 1679 Jun 28 08:59 id_rsa
here it is the ls on server side:
sftp> ls -rlt
-rwx------ 1 meli sftpserver 397 Jun 28 10:01 authorized_keys
sftp>
and here the output of sftp -vvv user#host.xxx.com command:
OpenSSH_5.9p1 Debian-5ubuntu1.4, OpenSSL 1.0.1 14 Mar 2012
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to host.xxx.com [0.0.0.0] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug3: Incorrect RSA1 identifier
This line called my attention:
debug3: Could not load "/root/.ssh/id_rsa" as a RSA1 public key
The rest of the output:
debug1: identity file /root/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2p2 Ubuntu-4ubuntu2.2
debug1: match: OpenSSH_7.2p2 Ubuntu-4ubuntu2.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5ubuntu1.4
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "host.xxx.com" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs: xxx
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 7c:23:46:da:52:31:6e:75:d2:a3:7a:13:03:b6:7d:21
debug3: load_hostkeys: loading entries for host "host.xxx.com" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys
debug3: load_hostkeys: loading entries for host "0.0.0.0" from file "/root/.ssh/known_hosts"
debug3: load_hostkeys: found key type ECDSA in file /root/.ssh/known_hosts:9
debug3: load_hostkeys: loaded 1 keys
debug1: Host 'host.xxx.com' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:8
debug1: ssh_ecdsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/id_rsa (0x7f8bf66ed8e0)
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
password:
Any idea?
Thanks!!!!!
Related
This question already has answers here:
Using git with ssh-agent on Windows
(6 answers)
Closed 8 months ago.
I'm using git in PowerShell on Windows. I made sure ssh-agent is running, and ssh-add has my private key.
$ Get-Service ssh-agent
Status Name DisplayName
------ ---- -----------
Running ssh-agent OpenSSH Authentication Agent
$ ssh-add -l
256 SHA256:2MDH36ZZcM1uf9wQ2tsMj4NROkiGeKUD+CwBsVXrKXY xxxxxxxxxx#gmail.com (ED25519)
But git still asks for passphrase every time. I tried to debug by setting GIT_SSH_COMMAND="ssh -vvv", but couldn't understand what's wrong. Below is the verbose output when I run git push.
$ git push
OpenSSH_8.5p1, OpenSSL 1.1.1k 25 Mar 2021
debug1: Reading configuration data /etc/ssh/ssh_config
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts' -> '/c/Users/username/.ssh/known_hosts'
debug3: expanded UserKnownHostsFile '~/.ssh/known_hosts2' -> '/c/Users/username/.ssh/known_hosts2'
debug2: resolving "github.com" port 22
debug3: ssh_connect_direct: entering
debug1: Connecting to github.com [140.82.114.4] port 22.
debug3: set_sock_tos: set socket 3 IP_TOS 0x48
debug1: Connection established.
debug1: identity file /c/Users/username/.ssh/id_rsa type -1
debug1: identity file /c/Users/username/.ssh/id_rsa-cert type -1
debug1: identity file /c/Users/username/.ssh/id_dsa type -1
debug1: identity file /c/Users/username/.ssh/id_dsa-cert type -1
debug1: identity file /c/Users/username/.ssh/id_ecdsa type -1
debug1: identity file /c/Users/username/.ssh/id_ecdsa-cert type -1
debug1: identity file /c/Users/username/.ssh/id_ecdsa_sk type -1
debug1: identity file /c/Users/username/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /c/Users/username/.ssh/id_ed25519 type 3
debug1: identity file /c/Users/username/.ssh/id_ed25519-cert type -1
debug1: identity file /c/Users/username/.ssh/id_ed25519_sk type -1
debug1: identity file /c/Users/username/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /c/Users/username/.ssh/id_xmss type -1
debug1: identity file /c/Users/username/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.5
debug1: Remote protocol version 2.0, remote software version babeld-7f91b4d6
debug1: compat_banner: no match: babeld-7f91b4d6
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to github.com:22 as 'git'
debug3: record_hostkey: found key type ED25519 in file /c/Users/username/.ssh/known_hosts:1
debug3: record_hostkey: found key type RSA in file /c/Users/username/.ssh/known_hosts:2
debug3: record_hostkey: found key type ECDSA in file /c/Users/username/.ssh/known_hosts:3
debug3: load_hostkeys_file: loaded 3 keys from github.com
debug1: load_hostkeys: fopen /c/Users/username/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug3: order_hostkeyalgs: have matching best-preference key type ssh-ed25519-cert-v01#openssh.com, using HostkeyAlgorithms verbatim
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,ext-info-c
debug2: host key algorithms: ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519#openssh.com,sk-ecdsa-sha2-nistp256#openssh.com,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256
debug2: host key algorithms: ssh-ed25519,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes256-gcm#openssh.com,aes128-gcm#openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes256-gcm#openssh.com,aes128-gcm#openssh.com,aes256-ctr,aes192-ctr,aes128-ctr
debug2: MACs ctos: hmac-sha2-512-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512,hmac-sha2-256
debug2: MACs stoc: hmac-sha2-512-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512,hmac-sha2-256
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:+DiY3wvvV6TuJJhbpZisF/zLDA0zPMSvHdkr4UvCOqU
debug3: record_hostkey: found key type ED25519 in file /c/Users/username/.ssh/known_hosts:1
debug3: record_hostkey: found key type RSA in file /c/Users/username/.ssh/known_hosts:2
debug3: record_hostkey: found key type ECDSA in file /c/Users/username/.ssh/known_hosts:3
debug3: load_hostkeys_file: loaded 3 keys from github.com
debug1: load_hostkeys: fopen /c/Users/username/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'github.com' is known and matches the ED25519 host key.
debug1: Found key in /c/Users/username/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /c/Users/username/.ssh/id_rsa
debug1: Will attempt key: /c/Users/username/.ssh/id_dsa
debug1: Will attempt key: /c/Users/username/.ssh/id_ecdsa
debug1: Will attempt key: /c/Users/username/.ssh/id_ecdsa_sk
debug1: Will attempt key: /c/Users/username/.ssh/id_ed25519 ED25519 SHA256:2MDH36ZZcM1uf9wQ2tsMj4NROkiGeKUD+CwBsVXrKXY
debug1: Will attempt key: /c/Users/username/.ssh/id_ed25519_sk
debug1: Will attempt key: /c/Users/username/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp256-cert-v01#openssh.com,sk-ssh-ed25519-cert-v01#openssh.com,sk-ecdsa-sha2-nistp256-cert-v01#openssh.com,rsa-sha2-512-cert-v01#openssh.com,rsa-sha2-256-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,sk-ssh-ed25519#openssh.com,sk-ecdsa-sha2-nistp256#openssh.com,ssh-ed25519,ecdsa-sha2-nistp521,ecdsa-sha2-nistp384,ecdsa-sha2-nistp256,rsa-sha2-512,rsa-sha2-256,ssh-rsa>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /c/Users/username/.ssh/id_rsa
debug3: no such identity: /c/Users/username/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /c/Users/username/.ssh/id_dsa
debug3: no such identity: /c/Users/username/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /c/Users/username/.ssh/id_ecdsa
debug3: no such identity: /c/Users/username/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /c/Users/username/.ssh/id_ecdsa_sk
debug3: no such identity: /c/Users/username/.ssh/id_ecdsa_sk: No such file or directory
debug1: Offering public key: /c/Users/username/.ssh/id_ed25519 ED25519 SHA256:2MDH36ZZcM1uf9wQ2tsMj4NROkiGeKUD+CwBsVXrKXY
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 60
debug1: Server accepts key: /c/Users/username/.ssh/id_ed25519 ED25519 SHA256:2MDH36ZZcM1uf9wQ2tsMj4NROkiGeKUD+CwBsVXrKXY
debug3: sign_and_send_pubkey: ED25519 SHA256:2MDH36ZZcM1uf9wQ2tsMj4NROkiGeKUD+CwBsVXrKXY
debug3: sign_and_send_pubkey: signing using ssh-ed25519 SHA256:2MDH36ZZcM1uf9wQ2tsMj4NROkiGeKUD+CwBsVXrKXY
Enter passphrase for key '/c/Users/username/.ssh/id_ed25519':
As mentioned here by Ajedi32, if you are using Windows' native implementation of OpenSSH with the native ssh-agent Windows service, make sure that Git for Windows was configured to use that SSH implementation when you installed it
You can force using another ssh.exe with the GIT_SSH environment variable.
Try also to start the agent as a service.
Try to run these two lines one after another in this order in git bash, Windows WLS or bash on real GNU/Linux.
eval ssh-agent -s
ssh-add ~/.ssh/*_rsa
it will ask for passphrase in the second command, and that's it. Each additional action you will need to do (which normally requires passphrase) won't ask you for the passphrase.
I have created ssh keys in my local machine (Mac)
I've copied the public key to gitLab and I can ssh to gitLab successfully from my local machine
I'm also using a server. I can ssh from my local machine to the server. I login as root
I wanted to have also an ssh connection between server and gitLab but I cannot connect
In the server if I execute
ssh -T git#gitlab.com
The result is
Permission denied (publickey,keyboard-interactive).
dir permissions in the server
drwx------ 2 root root 4096 Jan 13 23:01 .ssh
file permissions within folder .ssh in the server
total 8
-rw------- 1 root root 406 Jan 13 23:00 authorized_keys
-rw-r--r-- 1 root root 444 Jan 13 23:01 known_hosts
Dir permissions in my local machine
drwxr-xr-x 9 ctavares staff 288 Jan 13 23:00 .ssh
file permissions with .ssh in my local machine
-rw-r--r-- 1 ctavares staff 3576 Jan 9 2016 authorized_keys
-rw-r--r-- 1 ctavares staff 113 Mar 14 2019 config
-rw------- 1 ctavares staff 1679 Jun 28 2018 id_rsa
-rw-r--r--# 1 ctavares staff 406 Jun 28 2018 id_rsa.pub
-rw-r--r-- 1 ctavares staff 1118 Jan 13 16:57 known_hosts
Executing the debug command in server
ssh -Tvvv git#gitlab.com
the output
OpenSSH_7.4p1 Debian-10+deb9u7, OpenSSL 1.0.2u 20 Dec 2019
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "gitlab.com" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to gitlab.com [172.65.251.78] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.4p1 Debian-10+deb9u7
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.9p1 Debian-10+deb10u2
debug1: match: OpenSSH_7.9p1 Debian-10+deb10u2 pat OpenSSH* compat 0x04000000
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to gitlab.com:22 as 'git'
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01#openssh.com,ecdsa-sha2-nistp384-cert-v01#openssh.com,ecdsa-sha2-nistp521-cert-v01#openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01#openssh.com,ssh-rsa-cert-v01#openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com,aes128-cbc,aes192-cbc,aes256-cbc
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com,zlib
debug2: compression stoc: none,zlib#openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,curve25519-sha256#libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: host key algorithms: rsa-sha2-512,rsa-sha2-256,ssh-rsa,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: ciphers stoc: chacha20-poly1305#openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm#openssh.com,aes256-gcm#openssh.com
debug2: MACs ctos: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm#openssh.com,umac-128-etm#openssh.com,hmac-sha2-256-etm#openssh.com,hmac-sha2-512-etm#openssh.com,hmac-sha1-etm#openssh.com,umac-64#openssh.com,umac-128#openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib#openssh.com
debug2: compression stoc: none,zlib#openssh.com
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:HbW3g8zUjNSksFbqTiUWPWg2Bq1x8xdGUrliXFzSnUw
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:1
debug3: load_hostkeys: loaded 1 keys from gitlab.com
debug3: hostkeys_foreach: reading file "/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /root/.ssh/known_hosts:2
debug3: load_hostkeys: loaded 1 keys from 172.65.251.78
debug1: Host 'gitlab.com' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: /root/.ssh/id_rsa ((nil))
debug2: key: /root/.ssh/id_dsa ((nil))
debug2: key: /root/.ssh/id_ecdsa ((nil))
debug2: key: /root/.ssh/id_ed25519 ((nil))
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/id_rsa
debug3: no such identity: /root/.ssh/id_rsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_dsa
debug3: no such identity: /root/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ecdsa
debug3: no such identity: /root/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /root/.ssh/id_ed25519
debug3: no such identity: /root/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug3: send packet: type 50
debug2: we sent a keyboard-interactive packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: userauth_kbdint: disable: no info_req_seen
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).
What am I doing wrong?
You would need to have the ~/.ssh/id_rsa file in root's account on the server if you wanted to connect from root to gitlab.
I would, however, suggest a different approach.
Connect to the server as yourself using agent forwarding. ssh -A users#server
Connect from there to gitlab using the forwarded credentials.
SO I had an issue recently with my old work laptop and needed to access assets and company instances for administrative purposes. I have OpenSSH installed and can normally use it within Powershell, but for some odd reason my config, keys do not work. How come I can't load my key and gain access, but if I convert it to a PK file using Pageant it will work.
The key was originally made on a Macbook and then I transferred it to my windows host.
OpenSSH will work on Windows, but will not offer the correct key.
debug1: kex: algorithm: curve25519-sha256#libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:
debug3: hostkeys_foreach: reading file "/dev/null"
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts error:2
debug3: Failed to open file:C:/ProgramData/ssh/ssh_known_hosts2 error:2
Warning: Permanently added 'XXX.XX.XX.XX' (ECDSA) to the list of known hosts.
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: key: C:\\Users\\richard.barrett/\\.ssh\\Mirantis\\id_rsa (00000145F1EB10A0), explicit, agent
debug2: key: C:\\Users\\richard.barrett/.ssh/Mirantis/id_rsa (00000145F1EB1650)
debug3: send packet: type 5
debug3: receive packet: type 7
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<rsa-sha2-256,rsa-sha2-512>
debug3: receive packet: type 6
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug3: send packet: type 50
debug3: receive packet: type 53
debug3: input_userauth_banner
=================================== WARNING ====================================
You have accessed a computer managed by Mirantis INC.
You are required to have authorization from Mirantis INC
before you proceed and you are strictly limited to use set out within that
authorization. Unauthorized access to or misuse of this system is prohibited
and constitutes an offence under the Computer Misuse Act 1990.
If you disclose any information obtained through this system without authority
================================================================================
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:
C:\\Users\\richard.barrett/\\.ssh\\Mirantis\\id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug1: Offering public key: RSA SHA256:
C:\\Users\\richard.barrett/.ssh/Mirantis/id_rsa
debug3: send_pubkey_test
debug3: send packet: type 50
debug2: we sent a publickey packet, wait for reply
debug3: receive packet: type 51
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
delvalle_tc\\richard.barrett#XXX.XX.XX.XXX\: Permission denied (publickey).
But when I convert it using putty gen it will work?
I have two openssh keys
~\.ssh\id_rsa
~\.ssh\Mirantis\id_rsa
How can I switch between the two keys?
Furthermore, how can I use my old config from my macbook on my new windows host?
OpenSSH keeps using a different config file, I managed to copy out the old keys from my old macbook before it froze, considering I have never tried to transfer keys between two different OS hosts, I was curious if it was normal as I already have a different key in my ~.ssh folder I made a ~\.ssh\Mirantis\ folder but it keeps offering the main key despite me changing the ssh_config in the C:\ProgramData\ssh
I tried following the directions here, but it doesn't really any offerings as to how to set up ssh_config in Windows as an imported config: https://learn.microsoft.com/en-us/windows-server/administration/openssh/openssh_server_configuration
Okay well I feel stupid and solved it.
I kept getting the permission denied because of the following issue:
delvalle_tc\\richard.barrett#XXX.XX.XX.XXX\: Permission denied (publickey).
I was using
ssh ip_address
Solution:
ssh-add <file_path>
ssh user#ip_address
I didn't take into account that my username is not richard.barrett and it was trying to pass this off instead of using rbarrett.
Hy,
I need to put a file using scp from a ubuntu 18.04 server to a Raspberry, the file is created in the destination directory but it is at 0 bytes and scp freezes.
This is the scp command:
scp -v /home/solergy/MANGO/MA_HOME_TERLIZZI/STM32_BINARIES/S07E-MCU-3AX.bin solergy#172.16.9.14:/home/solergy/ARTESHELL_IP/bin/
and this is the log on Ubuntu server sending the file:
Executing: program /usr/bin/ssh host 172.16.9.14, user
solergy, command scp -v -t /home/solergy/ARTESHELL_IP/bin/
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 172.16.9.14 [172.16.9.14] port 22.
debug1: Connection established.
debug1: identity file /home/solergy/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /home/solergy/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/solergy/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/solergy/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/solergy/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/solergy/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/solergy/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/solergy/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Raspbian-10+deb9u6
debug1: match: OpenSSH_7.4p1 Raspbian-10+deb9u6 pat OpenSSH* compat 0x04000000
debug1: Authenticating to 172.16.9.14:22 as 'solergy'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305#openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecds..........256 SHA256:GLpj.......................o1ng
debug1: Host '172.16.9.14' is known and matches the ECDSA host key.
debug1: Found key in /home/solergy/.ssh/known_hosts:14
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: RSA SHA256:N0Ci............ihb/zI1DB..........Pc /home/solergy/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/solergy/.ssh/id_dsa
debug1: Trying private key: /home/solergy/.ssh/id_ecdsa
debug1: Trying private key: /home/solergy/.ssh/id_ed25519
debug1: Next authentication method: password
debug1: Authentication succeeded (password).
Authenticated to 172.16.9.14 ([172.16.9.14]:22).
debug1: channel 0: new [client-session]
debug1: Requesting no-more-sessions#openssh.com
debug1: Entering interactive session.
debug1: pledge: network
debug1: client_input_global_request: rtype hostkeys-00#openssh.com want_reply 0
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
debug1: Sending command: scp -v -t /home/solergy/ARTESHELL_IP/bin/
Sending file modes: C0777 189264 S07E-MCU-3AX.bin
Sink: C0777 189264 S07E-MCU-3AX.bin
And this is the empty file created:
Any idea about where is the problem and how I can solve it.
Thanks,
Antonio
what is strange is that I've no problem using ssh to access the remote server, instead scp is not working.
I'm following below tutorial.
https://www.digitalocean.com/community/tutorials/how-to-set-up-ssh-keys--2
It's generated file on Windows 10 C:\Users\<user name>\.ssh
I'm using GIT to generate files.
~/Desktop
$ PermitRootLogin without-password
bash: PermitRootLogin: command not found
$ ssh a#b.com
a#b.com's password:
Permission denied, please try again.
I have generated .ppk file using puttygen.exe.
Still not able to connect to server.
By doing ssh -Tv a#b.com
It will give below response
OpenSSH_7.1p2, OpenSSL 1.0.2h 3 May 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to a#b.com [XXX.XXX.XXX.XX] port 22.
debug1: Connection established.
debug1: identity file /c/Users/XUser/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/XUser/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/XUser/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/XUser/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/XUser/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/XUser/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/XUser/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /c/Users/XUser/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6 pat OpenSSH_6.6.1* compat 0x04000000
debug1: Authenticating to a#b.com:22 as 'XUser'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client chacha20-poly1305#openssh.com <implicit> none
debug1: kex: client->server chacha20-poly1305#openssh.com <implicit> none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:WrjAO7ldoJ3vjYENd6v7JvxXkbquvvom16RYGKeRO70
debug1: Host 'a#b.com' is known and matches the ECDSA host key.
debug1: Found key in /c/Users/XUser/.ssh/known_hosts:2
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /c/Users/XUser/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /c/Users/XUser/.ssh/id_dsa
debug1: Trying private key: /c/Users/XUser/.ssh/id_ecdsa
debug1: Trying private key: /c/Users/XUser/.ssh/id_ed25519
debug1: Next authentication method: password
XUser#a#b.com's password:
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.
XUser#a#b.com's password:
If you do have
your public key: C:\Users\<user name>\.ssh\id_rsa.pub
your private key: C:\Users\<user name>\.ssh\id_rsa
Do copy your public key (see "How To Use SSH Keys with DigitalOcean Droplets")