Hi, I have successfully uploaded my SSH public key to the authorized_keys file in ~/.ssh on the remote server using ssh-copy-id. I connected using password authentication to check whether it really is the correct key there and it is. Permissions are ok.
Public key authentication is the first (in order and priority) of several auth methods that the server offers. But as to the output below something is not working with the submission of the secret part of the key (well, the proof of being in possession of it) by the ssh-agent. Before establishing connection for the first time I did eval $(ssh-agent) PID xxxx ssh-add ~/.ssh/id_rsa But it seems that the ssh-agent does not really authenticates to the remote server and as a fallback password auth is selected. (I anonymized the output below.) So, pubkey authentication is not working :-( Can anyone tell me what's going wrong, especially this debug1: Offering RSA public key: ~/.ssh/id_rsa debug2: we sent a publickey packet, wait for reply ... debug2: we did not send a packet, disable method Any hints welcome. Stephan ----------------------------------------------------------------------- me@mymachine:~/.ssh$ ssh -vv me@theremoteserver OpenSSH_6.7p1 Debian-5+deb8u3, OpenSSL 1.0.1t 3 May 2016 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to theremoteserver [IPaddress_remoteserver] port 22. debug1: Connection established. [debug messages concerning type 1 keys, snipped] debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4+deb7u6 debug1: match: OpenSSH_6.0p1 Debian-4+deb7u6 pat OpenSSH* compat 0x04000000 debug2: fd 3 setting O_NONBLOCK debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received [debug messages concerning ciphers, snipped] debug1: Server host key: RSA [server_host_key] debug1: Host 'theremoteserver' is known and matches the RSA host key. debug1: Found key in ~/.ssh/known_hosts:4 debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: ~/.ssh/id_rsa (0x1cpt789b66z1), debug2: key: ~/.ssh/id_dsa ((nil)), debug2: key: ~/.ssh/id_ecdsa ((nil)), debug2: key: ~/.ssh/id_ed25519 ((nil)), debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering RSA public key: ~/.ssh/id_rsa debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Trying private key: ~/.ssh/id_dsa debug1: Trying private key: ~/.ssh/id_ecdsa debug1: Trying private key: ~/.ssh/id_ed25519 debug2: we did not send a packet, disable method debug1: Next authentication method: keyboard-interactive debug2: userauth_kbdint debug2: we sent a keyboard-interactive packet, wait for reply debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 1 Password: ------------------------------------------------------------------------ NOTE: I pray for the OpenSSL version OpenSSH ships with being patched soon in Jessie!
