<p dir="ltr">Can you please provide the sshd.conf being used?</p>
<p dir="ltr">Also could you set sshd.conf to verbose logging, generate a few login attempts, and paste /var/log/auth.log or equivalent of that log for your distro?</p>
<p dir="ltr">-Chris Punches</p>
<div class="gmail_quote">On May 10, 2015 10:46 PM, <<a href="mailto:colug-432-request@colug.net">colug-432-request@colug.net</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Send colug-432 mailing list submissions to<br>
<a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:colug-432-request@colug.net">colug-432-request@colug.net</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:colug-432-owner@colug.net">colug-432-owner@colug.net</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of colug-432 digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: Creating SSH for New User (Steve VanSlyck)<br>
2. Re: Creating SSH for New User (Steve VanSlyck)<br>
3. Re: Creating SSH for New User (Steve VanSlyck)<br>
4. Re: Creating SSH for New User (Chris Embree)<br>
5. Re: Creating SSH for New User (Steve VanSlyck)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Sun, 10 May 2015 22:39:56 -0400<br>
From: Steve VanSlyck <<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
Subject: Re: [colug-432] Creating SSH for New User<br>
To: Central OH Linux User Group - 432xx <<a href="mailto:colug-432@colug.net">colug-432@colug.net</a>><br>
Message-ID: <<a href="mailto:ec912387-c488-424c-a627-6f5248729fce@email.android.com">ec912387-c488-424c-a627-6f5248729fce@email.android.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Why do you say I am using root's key?<br>
<br>
On May 10, 2015 10:34:39 PM EDT, Zach Villers <<a href="mailto:zachvatwork@gmail.com">zachvatwork@gmail.com</a>> wrote:<br>
>On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),<br>
>ssh<br>
>copy-id me@myhomebox. I think you are using root's key instead of the<br>
>new<br>
>users' key?<br>
><br>
>On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck<br>
><<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
>wrote:<br>
><br>
>> My new user (me) can't log on via SSH. Can someone look this over<br>
>and<br>
>> tell me what super basic thing I've done wrong?<br>
>><br>
>> What I did:<br>
>><br>
>> *As root*:<br>
>><br>
>> Add user "name"<br>
>> /usr/sbin/adduser name<br>
>> Create password<br>
>> passwd name<br>
>> [created the password]<br>
>> Give root permissions<br>
>> sudo nano /etc/sudoers<br>
>> [added the line name ALL=(All) ALL<br>
>> Re-enabled password authentication in sshd_config and restarted sshd<br>
>><br>
>> *As the new user "name"*:<br>
>><br>
>> made directory<br>
>> mkdir ./ssh<br>
>> created file and added public key to file authorized keys<br>
>> sudo nano ~/.ssh/authorized_keys<br>
>> [entered the public key (which I call a "lock")]<br>
>> updated permissions "just in case"<br>
>> chmod 700 ~/.ssh<br>
>> chmod 600 ~/.ssh/authorized_keys<br>
>><br>
>> tried to login with the private key<br>
>> Result: server refused the key.<br>
>><br>
>> Any idea what I'm doing wrong?<br>
>><br>
>> _______________________________________________<br>
>> colug-432 mailing list<br>
>> <a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
>> <a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
>><br>
>><br>
><br>
><br>
>------------------------------------------------------------------------<br>
><br>
>_______________________________________________<br>
>colug-432 mailing list<br>
><a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
><a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <a href="http://lists.colug.net/pipermail/colug-432/attachments/20150510/0ce93a26/attachment-0001.html" target="_blank">http://lists.colug.net/pipermail/colug-432/attachments/20150510/0ce93a26/attachment-0001.html</a><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Sun, 10 May 2015 22:40:24 -0400<br>
From: Steve VanSlyck <<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
Subject: Re: [colug-432] Creating SSH for New User<br>
To: Central OH Linux User Group - 432xx <<a href="mailto:colug-432@colug.net">colug-432@colug.net</a>><br>
Message-ID: <<a href="mailto:23e55d04-6752-4472-bae4-50aa1cf395d0@email.android.com">23e55d04-6752-4472-bae4-50aa1cf395d0@email.android.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
I create the keys in putty.<br>
<br>
On May 10, 2015 10:34:39 PM EDT, Zach Villers <<a href="mailto:zachvatwork@gmail.com">zachvatwork@gmail.com</a>> wrote:<br>
>On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),<br>
>ssh<br>
>copy-id me@myhomebox. I think you are using root's key instead of the<br>
>new<br>
>users' key?<br>
><br>
>On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck<br>
><<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
>wrote:<br>
><br>
>> My new user (me) can't log on via SSH. Can someone look this over<br>
>and<br>
>> tell me what super basic thing I've done wrong?<br>
>><br>
>> What I did:<br>
>><br>
>> *As root*:<br>
>><br>
>> Add user "name"<br>
>> /usr/sbin/adduser name<br>
>> Create password<br>
>> passwd name<br>
>> [created the password]<br>
>> Give root permissions<br>
>> sudo nano /etc/sudoers<br>
>> [added the line name ALL=(All) ALL<br>
>> Re-enabled password authentication in sshd_config and restarted sshd<br>
>><br>
>> *As the new user "name"*:<br>
>><br>
>> made directory<br>
>> mkdir ./ssh<br>
>> created file and added public key to file authorized keys<br>
>> sudo nano ~/.ssh/authorized_keys<br>
>> [entered the public key (which I call a "lock")]<br>
>> updated permissions "just in case"<br>
>> chmod 700 ~/.ssh<br>
>> chmod 600 ~/.ssh/authorized_keys<br>
>><br>
>> tried to login with the private key<br>
>> Result: server refused the key.<br>
>><br>
>> Any idea what I'm doing wrong?<br>
>><br>
>> _______________________________________________<br>
>> colug-432 mailing list<br>
>> <a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
>> <a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
>><br>
>><br>
><br>
><br>
>------------------------------------------------------------------------<br>
><br>
>_______________________________________________<br>
>colug-432 mailing list<br>
><a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
><a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <a href="http://lists.colug.net/pipermail/colug-432/attachments/20150510/9f0813b5/attachment-0001.html" target="_blank">http://lists.colug.net/pipermail/colug-432/attachments/20150510/9f0813b5/attachment-0001.html</a><br>
<br>
------------------------------<br>
<br>
Message: 3<br>
Date: Sun, 10 May 2015 22:41:19 -0400<br>
From: Steve VanSlyck <<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
Subject: Re: [colug-432] Creating SSH for New User<br>
To: Central OH Linux User Group - 432xx <<a href="mailto:colug-432@colug.net">colug-432@colug.net</a>><br>
Message-ID: <<a href="mailto:a5545738-e26f-4966-a2e3-8887ff4acd41@email.android.com">a5545738-e26f-4966-a2e3-8887ff4acd41@email.android.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Actually I am following the same exact procedure for the new user as I used for root<br>
<br>
On May 10, 2015 10:35:11 PM EDT, Christopher Cavello <<a href="mailto:cavello.1@osu.edu">cavello.1@osu.edu</a>> wrote:<br>
>Maybe you added one or more line breaks to the ssh key?<br>
><br>
>Try a "wc" on the key on both client and server.<br>
><br>
>Or check your sshd_config and make sure keys are allowed.<br>
>"ssh -vvv" is good for debugging.<br>
>On May 10, 2015 10:27 PM, "Steve VanSlyck" <<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
>wrote:<br>
><br>
>> My new user (me) can't log on via SSH. Can someone look this over<br>
>and<br>
>> tell me what super basic thing I've done wrong?<br>
>><br>
>> What I did:<br>
>><br>
>> *As root*:<br>
>><br>
>> Add user "name"<br>
>> /usr/sbin/adduser name<br>
>> Create password<br>
>> passwd name<br>
>> [created the password]<br>
>> Give root permissions<br>
>> sudo nano /etc/sudoers<br>
>> [added the line name ALL=(All) ALL<br>
>> Re-enabled password authentication in sshd_config and restarted sshd<br>
>><br>
>> *As the new user "name"*:<br>
>><br>
>> made directory<br>
>> mkdir ./ssh<br>
>> created file and added public key to file authorized keys<br>
>> sudo nano ~/.ssh/authorized_keys<br>
>> [entered the public key (which I call a "lock")]<br>
>> updated permissions "just in case"<br>
>> chmod 700 ~/.ssh<br>
>> chmod 600 ~/.ssh/authorized_keys<br>
>><br>
>> tried to login with the private key<br>
>> Result: server refused the key.<br>
>><br>
>> Any idea what I'm doing wrong?<br>
>><br>
>> _______________________________________________<br>
>> colug-432 mailing list<br>
>> <a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
>> <a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
>><br>
>><br>
><br>
><br>
>------------------------------------------------------------------------<br>
><br>
>_______________________________________________<br>
>colug-432 mailing list<br>
><a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
><a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <a href="http://lists.colug.net/pipermail/colug-432/attachments/20150510/1478f585/attachment-0001.html" target="_blank">http://lists.colug.net/pipermail/colug-432/attachments/20150510/1478f585/attachment-0001.html</a><br>
<br>
------------------------------<br>
<br>
Message: 4<br>
Date: Sun, 10 May 2015 22:43:38 -0400<br>
From: Chris Embree <<a href="mailto:cembree@ez-as.net">cembree@ez-as.net</a>><br>
Subject: Re: [colug-432] Creating SSH for New User<br>
To: Central OH Linux User Group - 432xx <<a href="mailto:colug-432@colug.net">colug-432@colug.net</a>><br>
Message-ID:<br>
<<a href="mailto:CAMDYSCkEwFBj0d4OFL2HdzmVwHOsA_e%2BrqAQn61Gj_QR6Fhajw@mail.gmail.com">CAMDYSCkEwFBj0d4OFL2HdzmVwHOsA_e+rqAQn61Gj_QR6Fhajw@mail.gmail.com</a>><br>
Content-Type: text/plain; charset=UTF-8<br>
<br>
It's been a while, but I think PuTTY uses different keys than<br>
ssh-keygen style. You probably have to run them thru PuTTY's keytool<br>
thing.<br>
<br>
<br>
On 5/10/15, Steve VanSlyck <<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>> wrote:<br>
> I create the keys in putty.<br>
><br>
> On May 10, 2015 10:34:39 PM EDT, Zach Villers <<a href="mailto:zachvatwork@gmail.com">zachvatwork@gmail.com</a>><br>
> wrote:<br>
>>On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),<br>
>>ssh<br>
>>copy-id me@myhomebox. I think you are using root's key instead of the<br>
>>new<br>
>>users' key?<br>
>><br>
>>On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck<br>
>><<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
>>wrote:<br>
>><br>
>>> My new user (me) can't log on via SSH. Can someone look this over<br>
>>and<br>
>>> tell me what super basic thing I've done wrong?<br>
>>><br>
>>> What I did:<br>
>>><br>
>>> *As root*:<br>
>>><br>
>>> Add user "name"<br>
>>> /usr/sbin/adduser name<br>
>>> Create password<br>
>>> passwd name<br>
>>> [created the password]<br>
>>> Give root permissions<br>
>>> sudo nano /etc/sudoers<br>
>>> [added the line name ALL=(All) ALL<br>
>>> Re-enabled password authentication in sshd_config and restarted sshd<br>
>>><br>
>>> *As the new user "name"*:<br>
>>><br>
>>> made directory<br>
>>> mkdir ./ssh<br>
>>> created file and added public key to file authorized keys<br>
>>> sudo nano ~/.ssh/authorized_keys<br>
>>> [entered the public key (which I call a "lock")]<br>
>>> updated permissions "just in case"<br>
>>> chmod 700 ~/.ssh<br>
>>> chmod 600 ~/.ssh/authorized_keys<br>
>>><br>
>>> tried to login with the private key<br>
>>> Result: server refused the key.<br>
>>><br>
>>> Any idea what I'm doing wrong?<br>
>>><br>
>>> _______________________________________________<br>
>>> colug-432 mailing list<br>
>>> <a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
>>> <a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
>>><br>
>>><br>
>><br>
>><br>
>>------------------------------------------------------------------------<br>
>><br>
>>_______________________________________________<br>
>>colug-432 mailing list<br>
>><a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
>><a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
><br>
<br>
<br>
------------------------------<br>
<br>
Message: 5<br>
Date: Sun, 10 May 2015 22:45:59 -0400<br>
From: Steve VanSlyck <<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
Subject: Re: [colug-432] Creating SSH for New User<br>
To: Central OH Linux User Group - 432xx <<a href="mailto:colug-432@colug.net">colug-432@colug.net</a>><br>
Message-ID: <<a href="mailto:e718d0fe-a2d6-44c4-822d-b0226426905a@email.android.com">e718d0fe-a2d6-44c4-822d-b0226426905a@email.android.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Yes that is a good point, & I am aware of the differences between the putty public key and the way it needs to be on the server.<br>
<br>
On May 10, 2015 10:43:38 PM EDT, Chris Embree <<a href="mailto:cembree@ez-as.net">cembree@ez-as.net</a>> wrote:<br>
>It's been a while, but I think PuTTY uses different keys than<br>
>ssh-keygen style. You probably have to run them thru PuTTY's keytool<br>
>thing.<br>
><br>
><br>
>On 5/10/15, Steve VanSlyck <<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>> wrote:<br>
>> I create the keys in putty.<br>
>><br>
>> On May 10, 2015 10:34:39 PM EDT, Zach Villers <<a href="mailto:zachvatwork@gmail.com">zachvatwork@gmail.com</a>><br>
>> wrote:<br>
>>>On the remote box, I would su - new user, ssh-keygen -t dsa (or rsa),<br>
>>>ssh<br>
>>>copy-id me@myhomebox. I think you are using root's key instead of the<br>
>>>new<br>
>>>users' key?<br>
>>><br>
>>>On Sun, May 10, 2015 at 10:26 PM, Steve VanSlyck<br>
>>><<a href="mailto:s.vanslyck@postpro.net">s.vanslyck@postpro.net</a>><br>
>>>wrote:<br>
>>><br>
>>>> My new user (me) can't log on via SSH. Can someone look this over<br>
>>>and<br>
>>>> tell me what super basic thing I've done wrong?<br>
>>>><br>
>>>> What I did:<br>
>>>><br>
>>>> *As root*:<br>
>>>><br>
>>>> Add user "name"<br>
>>>> /usr/sbin/adduser name<br>
>>>> Create password<br>
>>>> passwd name<br>
>>>> [created the password]<br>
>>>> Give root permissions<br>
>>>> sudo nano /etc/sudoers<br>
>>>> [added the line name ALL=(All) ALL<br>
>>>> Re-enabled password authentication in sshd_config and restarted<br>
>sshd<br>
>>>><br>
>>>> *As the new user "name"*:<br>
>>>><br>
>>>> made directory<br>
>>>> mkdir ./ssh<br>
>>>> created file and added public key to file authorized keys<br>
>>>> sudo nano ~/.ssh/authorized_keys<br>
>>>> [entered the public key (which I call a "lock")]<br>
>>>> updated permissions "just in case"<br>
>>>> chmod 700 ~/.ssh<br>
>>>> chmod 600 ~/.ssh/authorized_keys<br>
>>>><br>
>>>> tried to login with the private key<br>
>>>> Result: server refused the key.<br>
>>>><br>
>>>> Any idea what I'm doing wrong?<br>
>>>><br>
>>>> _______________________________________________<br>
>>>> colug-432 mailing list<br>
>>>> <a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
>>>> <a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
>>>><br>
>>>><br>
>>><br>
>>><br>
>>>------------------------------------------------------------------------<br>
>>><br>
>>>_______________________________________________<br>
>>>colug-432 mailing list<br>
>>><a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
>>><a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
>><br>
>_______________________________________________<br>
>colug-432 mailing list<br>
><a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
><a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <a href="http://lists.colug.net/pipermail/colug-432/attachments/20150510/7909424f/attachment.html" target="_blank">http://lists.colug.net/pipermail/colug-432/attachments/20150510/7909424f/attachment.html</a><br>
<br>
------------------------------<br>
<br>
_______________________________________________<br>
colug-432 mailing list<br>
<a href="mailto:colug-432@colug.net">colug-432@colug.net</a><br>
<a href="http://lists.colug.net/mailman/listinfo/colug-432" target="_blank">http://lists.colug.net/mailman/listinfo/colug-432</a><br>
<br>
<br>
End of colug-432 Digest, Vol 69, Issue 5<br>
****************************************<br>
</blockquote></div>