SSH Public Key Problems

S

svoltmer

Registered
Hi,
I am using Terminal to generate a public SSH2 key for a Unix machine running Apache. The Unix machine is with my web hosting company Aplus.net. I have requested SSH access to the server for configuring some pearl scripts for website statistics.

My problem is after generating the public key using "ssh-keygen -d -C <username>@<website.com> to generate the keys and copying and pasting the key into the Aplus.net SSH control pannel, I am still unable to log in using terminal and "ssh <username>@<website.com>.

I get the error: "Permission Denied (publickey)"
 
lurk,
call me stupid, but I can't actually see a directory named ".ssh", but I can "cd" to "/Users/steve/.ssh" and there I am. What's up?
 
the . in front of the ssh represents a hidden object. I believe you want your private key in there and your public key at Aplus.net.
 
this is the listing of ".ssh".

authorized_keys
id_dsa
id_dsa.pub
known_hosts

The ssh-keygen -d created the id_dsa and the id_dsa.pub keys and I have copied the id_dsa.pub key from pico to the Aplus.net SSH control pannel. With no luck.
 
OpenSSH_4.2p1, OpenSSL 0.9.7i 14 Oct 2005
debug1: Reading configuration data /etc/ssh_config
debug2: ssh_connect: needpriv 0
debug1: Connecting to crosst.org [66.226.88.136] port 22.
debug1: Connection established.
debug1: identity file /Users/steve/.ssh/identity type -1
debug1: identity file /Users/steve/.ssh/id_rsa type -1
debug3: Not a RSA1 key file /Users/steve/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /Users/steve/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.2p1 FreeBSD-20050903
debug1: match: OpenSSH_4.2p1 FreeBSD-20050903 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug2: fd 3 setting O_NONBLOCK
debug1: Miscellaneous failure
No credentials cache found

debug1: Miscellaneous failure
No credentials cache found

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 139/256
debug2: bits set: 541/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /Users/steve/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /Users/steve/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'crosst.org' is known and matches the DSA host key.
debug1: Found key in /Users/steve/.ssh/known_hosts:1
debug2: bits set: 505/1024
debug1: ssh_dss_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/steve/.ssh/identity (0x0)
debug2: key: /Users/steve/.ssh/id_rsa (0x0)
debug2: key: /Users/steve/.ssh/id_dsa (0x300ce0)
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/steve/.ssh/identity
debug3: no such identity: /Users/steve/.ssh/identity
debug1: Trying private key: /Users/steve/.ssh/id_rsa
debug3: no such identity: /Users/steve/.ssh/id_rsa
debug1: Offering public key: /Users/steve/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
 
Which key do you expect to have work? It looks like you id_dsa kkey is not the private key but might be a public key instead. It need to be a private key tto work.
 
I am pasting the id_dsa.pub key from vi in Terminal into a control pannel from my web hosting company (Aplus.net).

I have noticed that the Aplus.net server is checking the private key on my machine but doesn't like the format "-----BEGIN PRIVATE KEY-----" bla bla bla. So I have tryed taking everyting out except the actual ssh key in the private file. This seems to get me a little further, but near the end of the log there is some other conflict and I am ultimately denied.

Also, I have noticed that the public key is shorter in the web control pannel then the key that I copy from vi in Terminal.

Thanks For You Help
 
How are you generating these keys? I know that the textual key format between ssh implementations, like openssh and putty for example, is different.
 
Look at your debugging output. "debug3: key_read: missing whitespace"

Don't believe you can copy and past ssh keys. They don't format correctly. Try to scp or ftp the key.
 
Where would I FTP to? I only have access to my websites directory on the server. That is one reason I am trying to get SSH access, its impossible to setup or configure any scripts easily without ssh to the server.
 
pwd will tell you where your home directory is. ftp might not be an option if the server is not configured for you to place things in your home directory. If you do have ssh access to the system which I assume you do because your tring to install ssh keys in your .ssh directory then use scp. It will prompt you for your password when you login.

To copy files using scp the syntax is as follows -

scp foo username@foobar.com:/home/username

When you are done coping your keys to the website hosting sytsem write or append them to your autorized_keys file.

cop foo authorized_keys
cat foo >> authorized_keys
 
I tried scp to the home directory on the remote server with no luck.
The only way Aplus.net has it set up is via a web browser control pannel. They want you to paste the public key in a field.

Any other suggestions? I appreciate your help!!
 
Open the file in a real text editor ;-) I just like the oppertunity to dig at vi. But seriously, when you cut and past from the terminal allsorts of funky stuff can happen with line ending and word wrap. Open it in Text Edit.app and tr the cut and past from there.
 
I copied the id_dsa.pub key in Text Editor into the web control ssh field for my hosting company and tried to ssh into the server again and was denied again with this debug log:
 
You must log in or register to reply here.
Back
Top