[colug-432] colug-432 Digest, Vol 69, Issue 5

Chris Punches punches.chris at gmail.com
Mon May 11 00:07:17 EDT 2015


Can you please provide the sshd.conf being used?

Also could you set sshd.conf to verbose logging, generate a few login
attempts, and paste /var/log/auth.log or equivalent of that log for your
distro?

-Chris Punches
On May 10, 2015 10:46 PM, <colug-432-request at colug.net> wrote:

> Send colug-432 mailing list submissions to
>         colug-432 at colug.net
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         http://lists.colug.net/mailman/listinfo/colug-432
> or, via email, send a message with subject or body 'help' to
>         colug-432-request at colug.net
>
> You can reach the person managing the list at
>         colug-432-owner at colug.net
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of colug-432 digest..."
>
>
> Today's Topics:
>
>    1. Re: Creating SSH for New User (Steve VanSlyck)
>    2. Re: Creating SSH for New User (Steve VanSlyck)
>    3. Re: Creating SSH for New User (Steve VanSlyck)
>    4. Re: Creating SSH for New User (Chris Embree)
>    5. Re: Creating SSH for New User (Steve VanSlyck)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 10 May 2015 22:39:56 -0400
> From: Steve VanSlyck <s.vanslyck at postpro.net>
> Subject: Re: [colug-432] Creating SSH for New User
> To: Central OH Linux User Group - 432xx <colug-432 at colug.net>
> Message-ID: <ec912387-c488-424c-a627-6f5248729fce at email.android.com>
> Content-Type: text/plain; charset="utf-8"
>
> Why do you say I am using root's key?
>
> On May 10, 2015 10:34:39 PM EDT, Zach Villers <zachvatwork at gmail.com>
> wrote:
> >On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),
> >ssh
> >copy-id me at myhomebox. I think you are using root's key instead of the
> >new
> >users' key?
> >
> >On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck
> ><s.vanslyck at postpro.net>
> >wrote:
> >
> >>  My new user (me) can't log on via SSH. Can someone look this over
> >and
> >> tell me what super basic thing I've done wrong?
> >>
> >> What I did:
> >>
> >> *As root*:
> >>
> >> Add user "name"
> >>      /usr/sbin/adduser name
> >> Create password
> >>      passwd name
> >>           [created the password]
> >> Give root permissions
> >>      sudo nano /etc/sudoers
> >>           [added the line name ALL=(All) ALL
> >> Re-enabled password authentication in sshd_config and restarted sshd
> >>
> >> *As the new user "name"*:
> >>
> >> made directory
> >>      mkdir ./ssh
> >> created file and added public key to file authorized keys
> >>      sudo nano ~/.ssh/authorized_keys
> >>           [entered the public key (which I call a "lock")]
> >> updated permissions "just in case"
> >>      chmod 700 ~/.ssh
> >>      chmod 600 ~/.ssh/authorized_keys
> >>
> >> tried to login with the private key
> >>      Result: server refused the key.
> >>
> >> Any idea what I'm doing wrong?
> >>
> >> _______________________________________________
> >> colug-432 mailing list
> >> colug-432 at colug.net
> >> http://lists.colug.net/mailman/listinfo/colug-432
> >>
> >>
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >colug-432 mailing list
> >colug-432 at colug.net
> >http://lists.colug.net/mailman/listinfo/colug-432
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://lists.colug.net/pipermail/colug-432/attachments/20150510/0ce93a26/attachment-0001.html
>
> ------------------------------
>
> Message: 2
> Date: Sun, 10 May 2015 22:40:24 -0400
> From: Steve VanSlyck <s.vanslyck at postpro.net>
> Subject: Re: [colug-432] Creating SSH for New User
> To: Central OH Linux User Group - 432xx <colug-432 at colug.net>
> Message-ID: <23e55d04-6752-4472-bae4-50aa1cf395d0 at email.android.com>
> Content-Type: text/plain; charset="utf-8"
>
> I create the keys in putty.
>
> On May 10, 2015 10:34:39 PM EDT, Zach Villers <zachvatwork at gmail.com>
> wrote:
> >On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),
> >ssh
> >copy-id me at myhomebox. I think you are using root's key instead of the
> >new
> >users' key?
> >
> >On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck
> ><s.vanslyck at postpro.net>
> >wrote:
> >
> >>  My new user (me) can't log on via SSH. Can someone look this over
> >and
> >> tell me what super basic thing I've done wrong?
> >>
> >> What I did:
> >>
> >> *As root*:
> >>
> >> Add user "name"
> >>      /usr/sbin/adduser name
> >> Create password
> >>      passwd name
> >>           [created the password]
> >> Give root permissions
> >>      sudo nano /etc/sudoers
> >>           [added the line name ALL=(All) ALL
> >> Re-enabled password authentication in sshd_config and restarted sshd
> >>
> >> *As the new user "name"*:
> >>
> >> made directory
> >>      mkdir ./ssh
> >> created file and added public key to file authorized keys
> >>      sudo nano ~/.ssh/authorized_keys
> >>           [entered the public key (which I call a "lock")]
> >> updated permissions "just in case"
> >>      chmod 700 ~/.ssh
> >>      chmod 600 ~/.ssh/authorized_keys
> >>
> >> tried to login with the private key
> >>      Result: server refused the key.
> >>
> >> Any idea what I'm doing wrong?
> >>
> >> _______________________________________________
> >> colug-432 mailing list
> >> colug-432 at colug.net
> >> http://lists.colug.net/mailman/listinfo/colug-432
> >>
> >>
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >colug-432 mailing list
> >colug-432 at colug.net
> >http://lists.colug.net/mailman/listinfo/colug-432
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://lists.colug.net/pipermail/colug-432/attachments/20150510/9f0813b5/attachment-0001.html
>
> ------------------------------
>
> Message: 3
> Date: Sun, 10 May 2015 22:41:19 -0400
> From: Steve VanSlyck <s.vanslyck at postpro.net>
> Subject: Re: [colug-432] Creating SSH for New User
> To: Central OH Linux User Group - 432xx <colug-432 at colug.net>
> Message-ID: <a5545738-e26f-4966-a2e3-8887ff4acd41 at email.android.com>
> Content-Type: text/plain; charset="utf-8"
>
> Actually I am following the same exact procedure for the new user as I
> used for root
>
> On May 10, 2015 10:35:11 PM EDT, Christopher Cavello <cavello.1 at osu.edu>
> wrote:
> >Maybe you added one or more line breaks to the ssh key?
> >
> >Try a "wc" on the key on both client and server.
> >
> >Or check your sshd_config and make sure keys are allowed.
> >"ssh -vvv" is good for debugging.
> >On May 10, 2015 10:27 PM, "Steve VanSlyck" <s.vanslyck at postpro.net>
> >wrote:
> >
> >>  My new user (me) can't log on via SSH. Can someone look this over
> >and
> >> tell me what super basic thing I've done wrong?
> >>
> >> What I did:
> >>
> >> *As root*:
> >>
> >> Add user "name"
> >>      /usr/sbin/adduser name
> >> Create password
> >>      passwd name
> >>           [created the password]
> >> Give root permissions
> >>      sudo nano /etc/sudoers
> >>           [added the line name ALL=(All) ALL
> >> Re-enabled password authentication in sshd_config and restarted sshd
> >>
> >> *As the new user "name"*:
> >>
> >> made directory
> >>      mkdir ./ssh
> >> created file and added public key to file authorized keys
> >>      sudo nano ~/.ssh/authorized_keys
> >>           [entered the public key (which I call a "lock")]
> >> updated permissions "just in case"
> >>      chmod 700 ~/.ssh
> >>      chmod 600 ~/.ssh/authorized_keys
> >>
> >> tried to login with the private key
> >>      Result: server refused the key.
> >>
> >> Any idea what I'm doing wrong?
> >>
> >> _______________________________________________
> >> colug-432 mailing list
> >> colug-432 at colug.net
> >> http://lists.colug.net/mailman/listinfo/colug-432
> >>
> >>
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >colug-432 mailing list
> >colug-432 at colug.net
> >http://lists.colug.net/mailman/listinfo/colug-432
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://lists.colug.net/pipermail/colug-432/attachments/20150510/1478f585/attachment-0001.html
>
> ------------------------------
>
> Message: 4
> Date: Sun, 10 May 2015 22:43:38 -0400
> From: Chris Embree <cembree at ez-as.net>
> Subject: Re: [colug-432] Creating SSH for New User
> To: Central OH Linux User Group - 432xx <colug-432 at colug.net>
> Message-ID:
>         <
> CAMDYSCkEwFBj0d4OFL2HdzmVwHOsA_e+rqAQn61Gj_QR6Fhajw at mail.gmail.com>
> Content-Type: text/plain; charset=UTF-8
>
> It's been a while, but I think PuTTY uses different keys than
> ssh-keygen style.  You probably have to run them thru PuTTY's keytool
> thing.
>
>
> On 5/10/15, Steve VanSlyck <s.vanslyck at postpro.net> wrote:
> > I create the keys in putty.
> >
> > On May 10, 2015 10:34:39 PM EDT, Zach Villers <zachvatwork at gmail.com>
> > wrote:
> >>On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),
> >>ssh
> >>copy-id me at myhomebox. I think you are using root's key instead of the
> >>new
> >>users' key?
> >>
> >>On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck
> >><s.vanslyck at postpro.net>
> >>wrote:
> >>
> >>>  My new user (me) can't log on via SSH. Can someone look this over
> >>and
> >>> tell me what super basic thing I've done wrong?
> >>>
> >>> What I did:
> >>>
> >>> *As root*:
> >>>
> >>> Add user "name"
> >>>      /usr/sbin/adduser name
> >>> Create password
> >>>      passwd name
> >>>           [created the password]
> >>> Give root permissions
> >>>      sudo nano /etc/sudoers
> >>>           [added the line name ALL=(All) ALL
> >>> Re-enabled password authentication in sshd_config and restarted sshd
> >>>
> >>> *As the new user "name"*:
> >>>
> >>> made directory
> >>>      mkdir ./ssh
> >>> created file and added public key to file authorized keys
> >>>      sudo nano ~/.ssh/authorized_keys
> >>>           [entered the public key (which I call a "lock")]
> >>> updated permissions "just in case"
> >>>      chmod 700 ~/.ssh
> >>>      chmod 600 ~/.ssh/authorized_keys
> >>>
> >>> tried to login with the private key
> >>>      Result: server refused the key.
> >>>
> >>> Any idea what I'm doing wrong?
> >>>
> >>> _______________________________________________
> >>> colug-432 mailing list
> >>> colug-432 at colug.net
> >>> http://lists.colug.net/mailman/listinfo/colug-432
> >>>
> >>>
> >>
> >>
> >>------------------------------------------------------------------------
> >>
> >>_______________________________________________
> >>colug-432 mailing list
> >>colug-432 at colug.net
> >>http://lists.colug.net/mailman/listinfo/colug-432
> >
>
>
> ------------------------------
>
> Message: 5
> Date: Sun, 10 May 2015 22:45:59 -0400
> From: Steve VanSlyck <s.vanslyck at postpro.net>
> Subject: Re: [colug-432] Creating SSH for New User
> To: Central OH Linux User Group - 432xx <colug-432 at colug.net>
> Message-ID: <e718d0fe-a2d6-44c4-822d-b0226426905a at email.android.com>
> Content-Type: text/plain; charset="utf-8"
>
> Yes that is a good point, & I am aware of the differences between the
> putty public key and the way it needs to be on the server.
>
> On May 10, 2015 10:43:38 PM EDT, Chris Embree <cembree at ez-as.net> wrote:
> >It's been a while, but I think PuTTY uses different keys than
> >ssh-keygen style.  You probably have to run them thru PuTTY's keytool
> >thing.
> >
> >
> >On 5/10/15, Steve VanSlyck <s.vanslyck at postpro.net> wrote:
> >> I create the keys in putty.
> >>
> >> On May 10, 2015 10:34:39 PM EDT, Zach Villers <zachvatwork at gmail.com>
> >> wrote:
> >>>On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),
> >>>ssh
> >>>copy-id me at myhomebox. I think you are using root's key instead of the
> >>>new
> >>>users' key?
> >>>
> >>>On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck
> >>><s.vanslyck at postpro.net>
> >>>wrote:
> >>>
> >>>>  My new user (me) can't log on via SSH. Can someone look this over
> >>>and
> >>>> tell me what super basic thing I've done wrong?
> >>>>
> >>>> What I did:
> >>>>
> >>>> *As root*:
> >>>>
> >>>> Add user "name"
> >>>>      /usr/sbin/adduser name
> >>>> Create password
> >>>>      passwd name
> >>>>           [created the password]
> >>>> Give root permissions
> >>>>      sudo nano /etc/sudoers
> >>>>           [added the line name ALL=(All) ALL
> >>>> Re-enabled password authentication in sshd_config and restarted
> >sshd
> >>>>
> >>>> *As the new user "name"*:
> >>>>
> >>>> made directory
> >>>>      mkdir ./ssh
> >>>> created file and added public key to file authorized keys
> >>>>      sudo nano ~/.ssh/authorized_keys
> >>>>           [entered the public key (which I call a "lock")]
> >>>> updated permissions "just in case"
> >>>>      chmod 700 ~/.ssh
> >>>>      chmod 600 ~/.ssh/authorized_keys
> >>>>
> >>>> tried to login with the private key
> >>>>      Result: server refused the key.
> >>>>
> >>>> Any idea what I'm doing wrong?
> >>>>
> >>>> _______________________________________________
> >>>> colug-432 mailing list
> >>>> colug-432 at colug.net
> >>>> http://lists.colug.net/mailman/listinfo/colug-432
> >>>>
> >>>>
> >>>
> >>>
> >>>------------------------------------------------------------------------
> >>>
> >>>_______________________________________________
> >>>colug-432 mailing list
> >>>colug-432 at colug.net
> >>>http://lists.colug.net/mailman/listinfo/colug-432
> >>
> >_______________________________________________
> >colug-432 mailing list
> >colug-432 at colug.net
> >http://lists.colug.net/mailman/listinfo/colug-432
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL:
> http://lists.colug.net/pipermail/colug-432/attachments/20150510/7909424f/attachment.html
>
> ------------------------------
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>
>
> End of colug-432 Digest, Vol 69, Issue 5
> ****************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20150511/0cf4c674/attachment-0001.html 


More information about the colug-432 mailing list