Just as the title says: using PuTTY 0.60 with a PuTTYGen'ed DSA 2048
key with passphrase on a Windows XP host to connect to Ubuntu 10.04.1
LTS (OpenSSH_5.3p1; OpenSSL 0.9.8k).

The odd thing is, it only works when I've logged into the console
session of the host as the same user (gravyface, the sudoer user) I'm
trying to authenticate with via SSH.

If I log out of the console _before_ I SSH in from PuTTY, I get a
"Server refused our key" error; the only way I can SSH in is if I have
the console session open/logged in _first_ and then I can SSH in no
problem; once I'm in/authenticated, I can close the console session.

Changed log output to DEBUG3 in sshd_config, and see the following on
an unsuccessful attempt (while not logged into the console as the
user) in auth.log:

608:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: Connection from 10.10.10.254 port 3715
609:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug1: Client protocol version 2.0; client software version PuTTY_Release_0.60
610:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug1: no match: PuTTY_Release_0.60
611:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug1: Enabling compatibility mode for protocol 2.0
612:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu6
613:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug2: fd 3 setting O_NONBLOCK
614:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug2: Network child is on pid 3040
615:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: preauth child monitor started
616:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_request_receive entering
617:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: monitor_read: checking request 0
618:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_answer_moduli: got parameters: 1024 4096 8192
619:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_request_send entering: type 1
620:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug2: monitor_read: 0 used once, disabling now
621:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_request_receive entering
622:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: monitor_read: checking request 5
623:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_answer_sign
624:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_answer_sign: signature 0x7f7ae924bef0(271)
625:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_request_send entering: type 6
626:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug2: monitor_read: 5 used once, disabling now
627:Apr  2 13:51:24 CJRR-DB01 sshd[3039]: debug3: mm_request_receive entering
628:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: monitor_read: checking request 7
629:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_answer_pwnamallow
630:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: Trying to reverse map address 10.10.10.254.
631:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug2: parse_server_config: config reprocess config len 676
632:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
633:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_request_send entering: type 8
634:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug2: monitor_read: 7 used once, disabling now
635:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_request_receive entering
636:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: monitor_read: checking request 50
637:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: PAM: initializing for "gravyface"
638:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: PAM: setting PAM_RHOST to "10.10.10.254"
639:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: PAM: setting PAM_TTY to "ssh"
640:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug2: monitor_read: 50 used once, disabling now
641:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_request_receive entering
642:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: monitor_read: checking request 3
643:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_answer_authserv: service=ssh-connection, style=, role=
644:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug2: monitor_read: 3 used once, disabling now
645:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_request_receive entering
646:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: monitor_read: checking request 21
647:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_answer_keyallowed entering
648:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_answer_keyallowed: key_from_blob: 0x7f7ae9257990
649:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-2047
650:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: Checking blacklist file /etc/ssh/blacklist.DSA-2047
651:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
652:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: trying public key file /home/gravyface/.ssh/authorized_keys
653:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: restore_uid: 0/0
654:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: temporarily_use_uid: 1000/1000 (e=0/0)
655:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: trying public key file /home/gravyface/.ssh/authorized_keys2
656:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: restore_uid: 0/0
657:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: Failed publickey for gravyface from 10.10.10.254 port 3715 ssh2
658:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_answer_keyallowed: key 0x7f7ae9257990 is not allowed
659:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_request_send entering: type 22
660:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: mm_request_receive entering
661:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: do_cleanup
662:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: PAM: cleanup
663:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug3: PAM: sshpam_thread_cleanup entering


/home/gravyface/.ssh/ is 700, /home/gravyface/.ssh/authorized_keys is
600, but like I said, if I log in at the console as gravyface, ALT-TAB
over to PuTTY and open a new session, it asks for the passphrase and
works fine.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
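
The sshd debug trace quoted in the post above is easier to read once the wrapped lines are rejoined and reduced to the publickey decision per connection. This Python is an added example, not part of the original message; the sample is an excerpt of the quoted log, and the "matching key found" and "bad ownership or modes" strings are standard OpenSSH messages that do not occur in it.

```python
import re

# Constructed sample: excerpt of the auth.log lines quoted in the post, kept
# with the same e-mail wrapping and grep-style "NNN:" prefixes.
SAMPLE = """\
651:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: temporarily_use_uid:
1000/1000 (e=0/0)
652:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: trying public key
file /home/gravyface/.ssh/authorized_keys
655:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: debug1: trying public key
file /home/gravyface/.ssh/authorized_keys2
657:Apr  2 13:51:27 CJRR-DB01 sshd[3039]: Failed publickey for
gravyface from 10.10.10.254 port 3715 ssh2
"""

START = re.compile(r"^(?:\d+:)?[A-Z][a-z]{2} +\d+ [\d:]{8} \S+ sshd\[(\d+)\]: (.*)$")
RESULT = re.compile(r"(Failed|Accepted) publickey for (\S+) from (\S+) port \d+")

def unwrap(text):
    """Rejoin wrapped continuation lines; return a list of (pid, message)."""
    records = []
    for line in text.splitlines():
        m = START.match(line)
        if m:
            records.append([int(m.group(1)), m.group(2)])
        elif records and line.strip():
            records[-1][1] += " " + line.strip()
    return [tuple(r) for r in records]

def summarize(text):
    """Per sshd pid: key files tried, uid used, auth result and logged reason."""
    out = {}
    for pid, msg in unwrap(text):
        s = out.setdefault(pid, {"files": [], "uid": None, "result": None, "reason": None})
        if m := re.search(r"trying public key file (\S+)", msg):
            s["files"].append(m.group(1))
        elif m := re.search(r"temporarily_use_uid: (\d+)/\d+", msg):
            s["uid"] = int(m.group(1))
        elif "bad ownership or modes" in msg:
            s["reason"] = "strict-modes"  # sshd refused the file or directory permissions
        elif "matching key found" in msg:
            s["reason"] = "key-matched"
        elif m := RESULT.search(msg):
            s["result"], s["user"], s["source"] = m.groups()
            if s["result"] == "Failed" and s["files"] and s["reason"] is None:
                s["reason"] = "no-match-logged"  # files tried, no match or refusal logged
    return out

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

For the quoted trace the reason comes out as "no-match-logged": both key files were tried as uid 1000, and sshd logged neither a key match nor a permissions refusal before the failure.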
