On Sunday, December 25, 2016 at 12:39:27 AM UTC, Maxie Schmidt wrote: > > It's also reassuring for me that it can be fixed on the server. I > literally tried almost everything available online to tweak the config > files and regenerated keys a few separate times to see if that was the > issue. Do you know when this will be fixed? >
Fixing the setup might be tricky, as we do not seem to have a way to reproduce this problem. Let me try to hack this around - I'd try to inject your public key into the system in some other way. > On Sat, Dec 24, 2016 at 5:03 PM, Dima Pasechnik <dim...@gmail.com > <javascript:>> wrote: > >> >> >> On Saturday, December 24, 2016 at 10:30:44 PM UTC, Maxie Schmidt wrote: >>> >>> I also easily added the same key to my existing github account and it >>> works as expected. >>> >> this is good to know. As I wrote, it looks now to me as this is a problem >> on trac side. >> The one I don't seem to recall, for sure. We did have issues with keys >> being inserted >> with broken formatting, resulting in the breakage of the whole thing. >> Maybe it's this again, in a more tricky shape. >> >> I must say I do not understand why the interface does not ask one to >> upload the public key, instead >> doing this cut and paste error-prone stuff; probably a necessity for some >> truly weird setups, though. >> >> Dima >> >> >> >> >>> >>> On Sat, Dec 24, 2016 at 4:12 PM, Maxie Schmidt <max...@gmail.com> wrote: >>> >>>> I tried re-adding the key on the trac preferences page. I'm still not >>>> able to access the server using "ssh g...@trac.sagemath.org info". >>>> >>>> On Sat, Dec 24, 2016 at 4:09 PM, Maxie Schmidt <max...@gmail.com> >>>> wrote: >>>> >>>>> I also have a local ~/.ssh/config file which contains: >>>>> >>>>> Host * >>>>> PubKeyAuthentication yes >>>>> IdentityFile /home/maxie/.ssh/id_rsa >>>>> PubkeyAcceptedKeyTypes=+ssh-rsa >>>>> IdentityFile ~/.ssh/id_rsa.pub >>>>> >>>>> >>>>> On Sat, Dec 24, 2016 at 4:08 PM, Maxie Schmidt <max...@gmail.com> >>>>> wrote: >>>>> >>>>>> This is the output of listing my ~/.ssh directory: >>>>>> ls -l ~/.ssh/ >>>>>> total 36 >>>>>> -r--r--r-- 1 maxie maxie 404 Dec 21 20:01 authorized_keys >>>>>> -rw-r--r-- 1 maxie maxie 192 Dec 24 06:58 config >>>>>> -rw------- 1 maxie maxie 1679 Sep 8 23:46 google_compute_engine >>>>>> -rw------- 1 maxie maxie 404 Sep 8 23:46 google_compute_engine.pub >>>>>> -rw------- 1 maxie maxie 1110 Oct 18 23:40 google_compute_known_hosts >>>>>> -rw------- 1 maxie maxie 1679 Dec 21 14:08 id_rsa >>>>>> -rw-r--r-- 1 maxie maxie 404 Dec 21 14:08 id_rsa.pub >>>>>> -rw-r--r-- 1 maxie maxie 374 Dec 24 06:49 known_hosts >>>>>> -rw------- 1 maxie maxie 2878 Dec 20 20:23 known_hosts-backup >>>>>> >>>>>> And here'e /etc/ssh/ssh_config: >>>>>> >>>>>> # This is the ssh client system-wide configuration file. See >>>>>> # ssh_config(5) for more information. This file provides defaults for >>>>>> # users, and the values can be changed in per-user configuration files >>>>>> # or on the command line. >>>>>> >>>>>> # Configuration data is parsed as follows: >>>>>> # 1. command line options >>>>>> # 2. user-specific file >>>>>> # 3. system-wide file >>>>>> # Any configuration value is only changed the first time it is set. >>>>>> # Thus, host-specific definitions should be at the beginning of the >>>>>> # configuration file, and defaults at the end. >>>>>> >>>>>> # Site-wide defaults for some commonly used options. For a >>>>>> comprehensive >>>>>> # list of available options, their meanings and defaults, please see >>>>>> the >>>>>> # ssh_config(5) man page. >>>>>> >>>>>> Host * >>>>>> # ForwardAgent no >>>>>> ForwardX11 no >>>>>> # ForwardX11Trusted yes >>>>>> # RhostsRSAAuthentication no >>>>>> # RSAAuthentication yes >>>>>> PasswordAuthentication no >>>>>> # HostbasedAuthentication no >>>>>> # GSSAPIAuthentication no >>>>>> # GSSAPIDelegateCredentials no >>>>>> # GSSAPIKeyExchange no >>>>>> # GSSAPITrustDNS no >>>>>> # BatchMode no >>>>>> # CheckHostIP yes >>>>>> AddressFamily inet >>>>>> # ConnectTimeout 0 >>>>>> # StrictHostKeyChecking ask >>>>>> # IdentityFile ~/.ssh/identity >>>>>> IdentityFile ~/.ssh/id_rsa >>>>>> # IdentityFile ~/.ssh/id_dsa >>>>>> # IdentityFile ~/.ssh/id_ecdsa >>>>>> # IdentityFile ~/.ssh/id_ed25519 >>>>>> # Port 22 >>>>>> Protocol 2 >>>>>> # Cipher 3des >>>>>> # Ciphers >>>>>> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc >>>>>> # MACs hmac-md5,hmac-sha1,uma...@openssh.com,hmac-ripemd160 >>>>>> # EscapeChar ~ >>>>>> # Tunnel no >>>>>> # TunnelDevice any:any >>>>>> # PermitLocalCommand no >>>>>> # VisualHostKey no >>>>>> # ProxyCommand ssh -q -W %h:%p gateway.example.com >>>>>> # RekeyLimit 1G 1h >>>>>> #SendEnv LANG LC_* >>>>>> HashKnownHosts no >>>>>> #GSSAPIAuthentication yes >>>>>> #GSSAPIDelegateCredentials no >>>>>> PubkeyAuthentication = yes >>>>>> >>>>>> If that's not the issue, I will try to setup the key with my other >>>>>> github account to see if I can get that working. >>>>>> >>>>>> On Sat, Dec 24, 2016 at 3:31 PM, Dima Pasechnik <dim...@gmail.com> >>>>>> wrote: >>>>>> >>>>>>> On Saturday, December 24, 2016 at 5:45:28 PM UTC, Maxie Schmidt >>>>>>> wrote: >>>>>>>> >>>>>>>> Ok, I changed the comment in the key uploaded on the trac server >>>>>>>> preferences page. It's reflected in the output I get from running "git >>>>>>>> trac >>>>>>>> config". However, when I run "ssh [-k] -vvv g...@trac.sagemath.org >>>>>>>> info", I'm still getting the message Permission denied (publickey). >>>>>>>> Can you >>>>>>>> think of anything else I should try? >>>>>>>> >>>>>>> I suspect that the permissions of your >>>>>>> /home/maxie/.ssh/id_rsa >>>>>>> are wrong, they should be 600 (i.e. rw------), not 644 (i.e. >>>>>>> rw--r--e) >>>>>>> >>>>>>> what is the output of >>>>>>> ls -l /home/maxie/.ssh/id_rsa >>>>>>> >>>>>>> The is probably indicated by following line in your logs: >>>>>>> debug1: Offering RSA public key: /home/maxie/.ssh/id_rsa >>>>>>> >>>>>>> >>>>>>> And, more importantly, perhaps: do we have a case of working ssh >>>>>>> setup here, and a bug on >>>>>>> a server side, or you do not know whether your setup works? >>>>>>> I asked you about this, but did not hear back. >>>>>>> E.g. it would be great if you tried getting ssh authentication to >>>>>>> work with your github account, >>>>>>> and let us know whether that worked. >>>>>>> >>>>>>> We would like to see the output of >>>>>>> ls -l ~/.ssh/ >>>>>>> Specifically, id_rsa must have permissions 600/rw------- , whereas >>>>>>> id_rsa.pub must have 644rw--r---r >>>>>>> These files should be owned by the same user as the one that starts >>>>>>> ssh session >>>>>>> >>>>>>> We would like to see the contents of your /etc/ssh/ssh_config >>>>>>> as well >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>>> >>>>>>>> Maxie >>>>>>>> >>>>>>>> On Sat, Dec 24, 2016 at 11:01 AM, Dima Pasechnik <dim...@gmail.com> >>>>>>>> wrote: >>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On Saturday, December 24, 2016 at 2:19:40 PM UTC, Maxie Schmidt >>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>> The comment on the key is the last field of text, like >>>>>>>>>> maxie@locakbox or id_rsa.pub or any other text comment. These were >>>>>>>>>> different between what ssh-add -l was returning and what git Trac >>>>>>>>>> config >>>>>>>>>> were returning, but the comment field should be ignored. My username >>>>>>>>>> is >>>>>>>>>> maxieds on the Trac server. >>>>>>>>>> >>>>>>>>> >>>>>>>>> OK, your ssh public key has got into the trac database, >>>>>>>>> which is in gitolite-admin/keydir, >>>>>>>>> but it did not make it into the actual ./ssh/authorized_keys >>>>>>>>> files used by sshd to authorise access. >>>>>>>>> Your public key is unique among the keys in the database >>>>>>>>> in the sense that the comment field begins with " /blah". >>>>>>>>> This probably confuses the script that maintains the >>>>>>>>> authorized_keys file. >>>>>>>>> >>>>>>>>> Could you instead keep the original comment, or at least >>>>>>>>> change it to something that looks like a normal comment >>>>>>>>> (something like blah@foo) >>>>>>>>> >>>>>>>>> Hope this helps. >>>>>>>>> Let us know anyway how it goes. >>>>>>>>> >>>>>>>>> Dima >>>>>>>>> >>>>>>>>> >>>>>>>>>> On Dec 24, 2016 7:52 AM, "Dima Pasechnik" <dim...@gmail.com> >>>>>>>>>> wrote: >>>>>>>>>> >>>>>>>>>>> also, what is your trac account? >>>>>>>>>>> I can then look at your record on the trac server. >>>>>>>>>>> >>>>>>>>>>> On Saturday, December 24, 2016 at 1:41:14 PM UTC, Dima Pasechnik >>>>>>>>>>> wrote: >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> On Saturday, December 24, 2016 at 1:08:42 PM UTC, Maxie Schmidt >>>>>>>>>>>> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>> I'm uploading the public key data I get by running "cat >>>>>>>>>>>>> ~/.ssh/id_rsa.pub" to the trac server preferences page. I've >>>>>>>>>>>>> checked this >>>>>>>>>>>>> multiple times. The comment on the key shouldn't matter, correct? >>>>>>>>>>>>> >>>>>>>>>>>> I don't know what "the comment on the key" is. >>>>>>>>>>>> A typical entry in https://trac.sagemath.org/prefs/sshkeys >>>>>>>>>>>> would look like >>>>>>>>>>>> >>>>>>>>>>>> ssh-rsa >>>>>>>>>>>> AAAAB3NzaC1yc2EAAAADAQABAAABAxxxxTKN44nSoJ3wS+mA9HdtcpOj+5TF+j0pO2Z2A/vVwul46m74USp8rgobmWNuyVBK1IBU1Mp3N0TQsqY6sUUY96Oa5Nqy/CGOPcOtz0XRPX+mxMX0jsyYmEFrvNSpEIkyytyuEd3xWN112ZsUYXPvDnB6HHfIKXe2KXPIKGuTpsIqedbKNnyVQebDOfc0XF7BuIsfbwtMNWa+OJdSme4NzQ/XpAAk4cG+ZqJxEDGSjuGSqbtz1CGdpuixH507TzzMIYjHQ3TYfevIMGpNSLzRqSxu+fJ6Hzkpiy+UnW7mX3tYf0/Zd9GhYh9SXkAzkOdYr/6ntiKiBdXLNgzMPgpN >>>>>>>>>>>> >>>>>>>>>>>> blahblah@myaccount >>>>>>>>>>>> >>>>>>>>>>>> (no spaces, no line breaks; you can have a number of entries >>>>>>>>>>>> like this, but there is no telling what happens if you put things >>>>>>>>>>>> like text >>>>>>>>>>>> comments there...) >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> I do have a github account with the same user name as the trac >>>>>>>>>>>>> server account, but I don't believe I've ever setup a ssh key for >>>>>>>>>>>>> this >>>>>>>>>>>>> github account. When I push changes to the server it always asks >>>>>>>>>>>>> me for a >>>>>>>>>>>>> username and password. >>>>>>>>>>>>> >>>>>>>>>>>> This is because for ssh pull/push you need to set git remote in >>>>>>>>>>>> the right format. Something like >>>>>>>>>>>> >>>>>>>>>>>> $ git remote -v >>>>>>>>>>>> originssh g...@github.com:blah/foo.git (fetch) >>>>>>>>>>>> originssh g...@github.com:blah/foo.git (push) >>>>>>>>>>>> >>>>>>>>>>>> I just want to understand whether your ssh setup is working, in >>>>>>>>>>>> general. >>>>>>>>>>>> Are you able to successfully ssh to any remote server? >>>>>>>>>>>> (you could potentially have wrong permissions on key files, >>>>>>>>>>>> disabled publickey authentication in global >>>>>>>>>>>> setting, etc) >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> Here is the output of running "ssh -k -vvv -i >>>>>>>>>>>>> ~/.ssh/id_rsa.pub g...@trac.sagemath.org": >>>>>>>>>>>>> >>>>>>>>>>>>> OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016 >>>>>>>>>>>>> debug1: Reading configuration data /home/maxie/.ssh/config >>>>>>>>>>>>> debug1: /home/maxie/.ssh/config line 4: Applying options for * >>>>>>>>>>>>> debug1: Reading configuration data /etc/ssh/ssh_config >>>>>>>>>>>>> debug1: /etc/ssh/ssh_config line 19: Applying options for * >>>>>>>>>>>>> debug2: resolving "trac.sagemath.org" port 22 >>>>>>>>>>>>> debug2: ssh_connect_direct: needpriv 0 >>>>>>>>>>>>> debug1: Connecting to trac.sagemath.org [104.197.143.230] >>>>>>>>>>>>> port 22. >>>>>>>>>>>>> debug1: Connection established. >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa.pub type 1 >>>>>>>>>>>>> debug1: key_load_public: No such file or directory >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa.pub-cert type -1 >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa type 1 >>>>>>>>>>>>> debug1: key_load_public: No such file or directory >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa-cert type -1 >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa.pub type 1 >>>>>>>>>>>>> debug1: key_load_public: No such file or directory >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa.pub-cert type -1 >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa type 1 >>>>>>>>>>>>> debug1: key_load_public: No such file or directory >>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa-cert type -1 >>>>>>>>>>>>> debug1: Enabling compatibility mode for protocol 2.0 >>>>>>>>>>>>> debug1: Local version string SSH-2.0-OpenSSH_7.2p2 >>>>>>>>>>>>> Ubuntu-4ubuntu2.1 >>>>>>>>>>>>> debug1: Remote protocol version 2.0, remote software version >>>>>>>>>>>>> OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8 >>>>>>>>>>>>> debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8 pat >>>>>>>>>>>>> OpenSSH_6.6.1* compat 0x04000000 >>>>>>>>>>>>> debug2: fd 3 setting O_NONBLOCK >>>>>>>>>>>>> debug1: Authenticating to trac.sagemath.org:22 as 'git' >>>>>>>>>>>>> debug3: hostkeys_foreach: reading file >>>>>>>>>>>>> "/home/maxie/.ssh/known_hosts" >>>>>>>>>>>>> debug3: record_hostkey: found key type ECDSA in file >>>>>>>>>>>>> /home/maxie/.ssh/known_hosts:3 >>>>>>>>>>>>> debug3: load_hostkeys: loaded 1 keys from trac.sagemath.org >>>>>>>>>>>>> debug3: order_hostkeyalgs: prefer hostkeyalgs: >>>>>>>>>>>>> ecdsa-sha2-nis...@openssh.com, >>>>>>>>>>>>> ecdsa-sha2-nistp384-cert-...@openssh.com, >>>>>>>>>>>>> ecdsa-sha2-nistp521-cert-...@openssh.com >>>>>>>>>>>>> ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 >>>>>>>>>>>>> debug3: send packet: type 20 >>>>>>>>>>>>> debug1: SSH2_MSG_KEXINIT sent >>>>>>>>>>>>> debug3: receive packet: type 20 >>>>>>>>>>>>> debug1: SSH2_MSG_KEXINIT received >>>>>>>>>>>>> debug2: local client KEXINIT proposal >>>>>>>>>>>>> debug2: KEX algorithms: curve255...@libssh.org >>>>>>>>>>>>> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c >>>>>>>>>>>>> debug2: host key algorithms: ecdsa-sha2-nis...@openssh.com, >>>>>>>>>>>>> ecdsa-sha2-nistp384-cert-...@openssh.com, >>>>>>>>>>>>> ecdsa-sha2-nistp521-cert-...@openssh.com >>>>>>>>>>>>> ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, >>>>>>>>>>>>> ssh-ed25519-cert-...@openssh.com,ssh-rsa-cert-...@openssh.com >>>>>>>>>>>>> ,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa >>>>>>>>>>>>> debug2: ciphers ctos: chacha20...@openssh.com >>>>>>>>>>>>> ,aes128-ctr,aes192-ctr,aes256-ctr,aes12...@openssh.com, >>>>>>>>>>>>> aes256-...@openssh.com >>>>>>>>>>>>> ,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc >>>>>>>>>>>>> debug2: ciphers stoc: chacha20...@openssh.com >>>>>>>>>>>>> ,aes128-ctr,aes192-ctr,aes256-ctr,aes12...@openssh.com, >>>>>>>>>>>>> aes256-...@openssh.com >>>>>>>>>>>>> ,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc >>>>>>>>>>>>> debug2: MACs ctos: umac-...@openssh.com, >>>>>>>>>>>>> umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com, >>>>>>>>>>>>> hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com, >>>>>>>>>>>>> uma...@openssh.com,umac...@openssh.com >>>>>>>>>>>>> ,hmac-sha2-256,hmac-sha2-512,hmac-sha1 >>>>>>>>>>>>> debug2: MACs stoc: umac-...@openssh.com, >>>>>>>>>>>>> umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com, >>>>>>>>>>>>> hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com, >>>>>>>>>>>>> uma...@openssh.com,umac...@openssh.com >>>>>>>>>>>>> ,hmac-sha2-256,hmac-sha2-512,hmac-sha1 >>>>>>>>>>>>> debug2: compression ctos: none,zl...@openssh.com,zlib >>>>>>>>>>>>> debug2: compression stoc: none,zl...@openssh.com,zlib >>>>>>>>>>>>> debug2: languages ctos: >>>>>>>>>>>>> debug2: languages stoc: >>>>>>>>>>>>> debug2: first_kex_follows 0 >>>>>>>>>>>>> debug2: reserved 0 >>>>>>>>>>>>> debug2: peer server KEXINIT proposal >>>>>>>>>>>>> debug2: KEX algorithms: curve255...@libssh.org >>>>>>>>>>>>> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 >>>>>>>>>>>>> debug2: host key algorithms: >>>>>>>>>>>>> ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 >>>>>>>>>>>>> debug2: ciphers ctos: >>>>>>>>>>>>> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, >>>>>>>>>>>>> aes128-...@openssh.com,aes25...@openssh.com, >>>>>>>>>>>>> chacha20...@openssh.com >>>>>>>>>>>>> ,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, >>>>>>>>>>>>> rijndael-...@lysator.liu.se >>>>>>>>>>>>> debug2: ciphers stoc: >>>>>>>>>>>>> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, >>>>>>>>>>>>> aes128-...@openssh.com,aes25...@openssh.com, >>>>>>>>>>>>> chacha20...@openssh.com >>>>>>>>>>>>> ,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, >>>>>>>>>>>>> rijndael-...@lysator.liu.se >>>>>>>>>>>>> debug2: MACs ctos: hmac-m...@openssh.com, >>>>>>>>>>>>> hmac-sha1-...@openssh.com,umac-64-...@openssh.com, >>>>>>>>>>>>> umac-1...@openssh.com,hmac-sha...@openssh.com, >>>>>>>>>>>>> hmac-sha...@openssh.com,hmac-ripemd160-...@openssh.com, >>>>>>>>>>>>> hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com >>>>>>>>>>>>> ,hmac-md5,hmac-sha1,uma...@openssh.com,umac-...@openssh.com >>>>>>>>>>>>> ,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160, >>>>>>>>>>>>> hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 >>>>>>>>>>>>> debug2: MACs stoc: hmac-m...@openssh.com, >>>>>>>>>>>>> hmac-sha1-...@openssh.com,umac-64-...@openssh.com, >>>>>>>>>>>>> umac-1...@openssh.com,hmac-sha...@openssh.com, >>>>>>>>>>>>> hmac-sha...@openssh.com,hmac-ripemd160-...@openssh.com, >>>>>>>>>>>>> hmac-sha1-96-...@openssh.com,hmac-md5-96-...@openssh.com >>>>>>>>>>>>> ,hmac-md5,hmac-sha1,uma...@openssh.com,umac-...@openssh.com >>>>>>>>>>>>> ,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160, >>>>>>>>>>>>> hmac-ripemd...@openssh.com,hmac-sha1-96,hmac-md5-96 >>>>>>>>>>>>> debug2: compression ctos: none,zl...@openssh.com >>>>>>>>>>>>> debug2: compression stoc: none,zl...@openssh.com >>>>>>>>>>>>> debug2: languages ctos: >>>>>>>>>>>>> debug2: languages stoc: >>>>>>>>>>>>> debug2: first_kex_follows 0 >>>>>>>>>>>>> debug2: reserved 0 >>>>>>>>>>>>> debug1: kex: algorithm: curve255...@libssh.org >>>>>>>>>>>>> debug1: kex: host key algorithm: ecdsa-sha2-nistp256 >>>>>>>>>>>>> debug1: kex: server->client cipher: chacha20...@openssh.com >>>>>>>>>>>>> MAC: <implicit> compression: none >>>>>>>>>>>>> debug1: kex: client->server cipher: chacha20...@openssh.com >>>>>>>>>>>>> MAC: <implicit> compression: none >>>>>>>>>>>>> debug3: send packet: type 30 >>>>>>>>>>>>> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY >>>>>>>>>>>>> debug3: receive packet: type 31 >>>>>>>>>>>>> debug1: Server host key: ecdsa-sha2-nistp256 >>>>>>>>>>>>> SHA256:4Op/q3b5792x+F1lHSKRi5UIORAPDlIFVA5cUq9YVXI >>>>>>>>>>>>> debug3: hostkeys_foreach: reading file >>>>>>>>>>>>> "/home/maxie/.ssh/known_hosts" >>>>>>>>>>>>> debug3: record_hostkey: found key type ECDSA in file >>>>>>>>>>>>> /home/maxie/.ssh/known_hosts:3 >>>>>>>>>>>>> debug3: load_hostkeys: loaded 1 keys from trac.sagemath.org >>>>>>>>>>>>> debug3: hostkeys_foreach: reading file >>>>>>>>>>>>> "/home/maxie/.ssh/known_hosts" >>>>>>>>>>>>> debug3: record_hostkey: found key type ECDSA in file >>>>>>>>>>>>> /home/maxie/.ssh/known_hosts:2 >>>>>>>>>>>>> debug3: load_hostkeys: loaded 1 keys from 104.197.143.230 >>>>>>>>>>>>> debug1: Host 'trac.sagemath.org' is known and matches the >>>>>>>>>>>>> ECDSA host key. >>>>>>>>>>>>> debug1: Found key in /home/maxie/.ssh/known_hosts:3 >>>>>>>>>>>>> debug3: send packet: type 21 >>>>>>>>>>>>> debug2: set_newkeys: mode 1 >>>>>>>>>>>>> debug1: rekey after 134217728 blocks >>>>>>>>>>>>> debug1: SSH2_MSG_NEWKEYS sent >>>>>>>>>>>>> debug1: expecting SSH2_MSG_NEWKEYS >>>>>>>>>>>>> debug3: receive packet: type 21 >>>>>>>>>>>>> debug2: set_newkeys: mode 0 >>>>>>>>>>>>> debug1: rekey after 134217728 blocks >>>>>>>>>>>>> debug1: SSH2_MSG_NEWKEYS received >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa.pub (0x55d872785ab0), >>>>>>>>>>>>> explicit, agent >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa (0x55d872793cd0), explicit >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa.pub (0x55d872793c60), >>>>>>>>>>>>> explicit >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa (0x55d872793c10) >>>>>>>>>>>>> debug3: send packet: type 5 >>>>>>>>>>>>> debug3: receive packet: type 6 >>>>>>>>>>>>> debug2: service_accept: ssh-userauth >>>>>>>>>>>>> debug1: SSH2_MSG_SERVICE_ACCEPT received >>>>>>>>>>>>> debug3: send packet: type 50 >>>>>>>>>>>>> debug3: receive packet: type 51 >>>>>>>>>>>>> debug1: Authentications that can continue: publickey >>>>>>>>>>>>> debug3: start over, passed a different list publickey >>>>>>>>>>>>> debug3: preferred publickey,keyboard-interactive >>>>>>>>>>>>> debug3: authmethod_lookup publickey >>>>>>>>>>>>> debug3: remaining preferred: keyboard-interactive >>>>>>>>>>>>> debug3: authmethod_is_enabled publickey >>>>>>>>>>>>> debug1: Next authentication method: publickey >>>>>>>>>>>>> debug1: Offering RSA public key: /home/maxie/.ssh/id_rsa.pub >>>>>>>>>>>>> debug3: send_pubkey_test >>>>>>>>>>>>> debug3: send packet: type 50 >>>>>>>>>>>>> debug2: we sent a publickey packet, wait for reply >>>>>>>>>>>>> debug3: receive packet: type 51 >>>>>>>>>>>>> debug1: Authentications that can continue: publickey >>>>>>>>>>>>> debug1: Offering RSA public key: /home/maxie/.ssh/id_rsa >>>>>>>>>>>>> debug3: send_pubkey_test >>>>>>>>>>>>> debug3: send packet: type 50 >>>>>>>>>>>>> debug2: we sent a publickey packet, wait for reply >>>>>>>>>>>>> debug3: receive packet: type 51 >>>>>>>>>>>>> debug1: Authentications that can continue: publickey >>>>>>>>>>>>> debug1: Offering RSA public key: /home/maxie/.ssh/id_rsa.pub >>>>>>>>>>>>> debug3: send_pubkey_test >>>>>>>>>>>>> debug3: send packet: type 50 >>>>>>>>>>>>> debug2: we sent a publickey packet, wait for reply >>>>>>>>>>>>> debug3: receive packet: type 51 >>>>>>>>>>>>> debug1: Authentications that can continue: publickey >>>>>>>>>>>>> debug1: Offering RSA public key: /home/maxie/.ssh/id_rsa >>>>>>>>>>>>> debug3: send_pubkey_test >>>>>>>>>>>>> debug3: send packet: type 50 >>>>>>>>>>>>> debug2: we sent a publickey packet, wait for reply >>>>>>>>>>>>> debug3: receive packet: type 51 >>>>>>>>>>>>> debug1: Authentications that can continue: publickey >>>>>>>>>>>>> debug2: we did not send a packet, disable method >>>>>>>>>>>>> debug1: No more authentication methods to try. >>>>>>>>>>>>> Permission denied (publickey). >>>>>>>>>>>>> >>>>>>>>>>>>> One thing that's a little concerning to me is the lines >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa.pub (0x55d872785ab0), >>>>>>>>>>>>> explicit, agent >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa (0x55d872793cd0), explicit >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa.pub (0x55d872793c60), >>>>>>>>>>>>> explicit >>>>>>>>>>>>> debug2: key: /home/maxie/.ssh/id_rsa (0x55d872793c10) >>>>>>>>>>>>> >>>>>>>>>>>>> Does this mean I have multiple keys for the id_rsa.pub key I'm >>>>>>>>>>>>> trying to use? >>>>>>>>>>>>> >>>>>>>>>>>>> On Saturday, December 24, 2016 at 6:24:30 AM UTC-6, Dima >>>>>>>>>>>>> Pasechnik wrote: >>>>>>>>>>>>>> >>>>>>>>>>>>>> PS. please double-check that the public key you upload on >>>>>>>>>>>>>> trac is id_rsa.pub >>>>>>>>>>>>>> and not the other key. >>>>>>>>>>>>>> And it seems that you might have gssapi on (in >>>>>>>>>>>>>> /etc/ssh/ssh_config or in ~/.ssh/config ?), >>>>>>>>>>>>>> and it is broken somehow. >>>>>>>>>>>>>> Could you try running >>>>>>>>>>>>>> >>>>>>>>>>>>>> ssh -k -vvv g...@git.sagemath.org >>>>>>>>>>>>>> >>>>>>>>>>>>>> (-k disables gssapi) >>>>>>>>>>>>>> >>>>>>>>>>>>>> And finally, IIRC you can use https authentication to push to >>>>>>>>>>>>>> trac. >>>>>>>>>>>>>> >>>>>>>>>>>>>> By the way, do you have a github account, and if yes, are you >>>>>>>>>>>>>> able to push branches there via ssh? >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> On Saturday, December 24, 2016 at 12:09:11 PM UTC, Dima >>>>>>>>>>>>>> Pasechnik wrote: >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Saturday, December 24, 2016 at 11:47:36 AM UTC, Maxie >>>>>>>>>>>>>>> Schmidt wrote: >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> I'm still very much in need of help with fixing the ssh key >>>>>>>>>>>>>>>> issue that's keeping me from uploading files to a new branch >>>>>>>>>>>>>>>> on Trac. The >>>>>>>>>>>>>>>> following is the output when I run "ssh -vvv >>>>>>>>>>>>>>>> g...@git.sagemath.org": >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> OpenSSH_7.2p2 Ubuntu-4ubuntu2.1, OpenSSL 1.0.2g 1 Mar 2016 >>>>>>>>>>>>>>>> debug1: Reading configuration data /home/maxie/.ssh/config >>>>>>>>>>>>>>>> debug1: Reading configuration data /etc/ssh/ssh_config >>>>>>>>>>>>>>>> debug1: /etc/ssh/ssh_config line 19: Applying options for * >>>>>>>>>>>>>>>> debug2: resolving "git.sagemath.org" port 22 >>>>>>>>>>>>>>>> debug2: ssh_connect_direct: needpriv 0 >>>>>>>>>>>>>>>> debug1: Connecting to git.sagemath.org [104.197.143.230] >>>>>>>>>>>>>>>> port 22. >>>>>>>>>>>>>>>> debug1: Connection established. >>>>>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa.pub type 1 >>>>>>>>>>>>>>>> debug1: key_load_public: No such file or directory >>>>>>>>>>>>>>>> debug1: identity file /home/maxie/.ssh/id_rsa.pub-cert type >>>>>>>>>>>>>>>> -1 >>>>>>>>>>>>>>>> debug1: Enabling compatibility mode for protocol 2.0 >>>>>>>>>>>>>>>> debug1: Local version string SSH-2.0-OpenSSH_7.2p2 >>>>>>>>>>>>>>>> Ubuntu-4ubuntu2.1 >>>>>>>>>>>>>>>> debug1: Remote protocol version 2.0, remote software >>>>>>>>>>>>>>>> version OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8 >>>>>>>>>>>>>>>> debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8 pat >>>>>>>>>>>>>>>> OpenSSH_6.6.1* compat 0x04000000 >>>>>>>>>>>>>>>> debug2: fd 3 setting O_NONBLOCK >>>>>>>>>>>>>>>> debug1: Authenticating to git.sagemath.org:22 as 'git' >>>>>>>>>>>>>>>> debug3: hostkeys_foreach: reading file >>>>>>>>>>>>>>>> "/home/maxie/.ssh/known_hosts" >>>>>>>>>>>>>>>> debug3: record_hostkey: found key type ECDSA in file >>>>>>>>>>>>>>>> /home/maxie/.ssh/known_hosts:2 >>>>>>>>>>>>>>>> debug3: load_hostkeys: loaded 1 keys from git.sagemath.org >>>>>>>>>>>>>>>> debug3: order_hostkeyalgs: prefer hostkeyalgs: >>>>>>>>>>>>>>>> ecdsa-sha2-nis...@openssh.com, >>>>>>>>>>>>>>>> ecdsa-sha2-nistp384-cert-...@openssh.com, >>>>>>>>>>>>>>>> ecdsa-sha2-nistp521-cert-...@openssh.com >>>>>>>>>>>>>>>> ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521 >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> I don't anything like order_hostkeyalgs in my log of such a >>>>>>>>>>>>>>> session. >>>>>>>>>>>>>>> IMHO you somehow simply disable publickey locally. >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> And perhaps it's a good idea to update your openssh client >>>>>>>>>>>>>>> and your openssl >>>>>>>>>>>>>>> (the latter is too old) >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> debug3: send packet: type 20 >>>>>>>>>>>>>>>> debug1: SSH2_MSG_KEXINIT sent >>>>>>>>>>>>>>>> debug3: receive packet: type 20 >>>>>>>>>>>>>>>> debug1: SSH2_MSG_KEXINIT received >>>>>>>>>>>>>>>> debug2: local client KEXINIT proposal >>>>>>>>>>>>>>>> debug2: KEX algorithms: curve255...@libssh.org >>>>>>>>>>>>>>>> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,ext-info-c >>>>>>>>>>>>>>>> debug2: host key algorithms: ecdsa-sha2-nis...@openssh.com, >>>>>>>>>>>>>>>> ecdsa-sha2-nistp384-cert-...@openssh.com, >>>>>>>>>>>>>>>> ecdsa-sha2-nistp521-cert-...@openssh.com >>>>>>>>>>>>>>>> ,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, >>>>>>>>>>>>>>>> ssh-ed25519-cert-...@openssh.com, >>>>>>>>>>>>>>>> ssh-rsa-cert-...@openssh.com >>>>>>>>>>>>>>>> ,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa >>>>>>>>>>>>>>>> debug2: ciphers ctos: chacha20...@openssh.com >>>>>>>>>>>>>>>> ,aes128-ctr,aes192-ctr,aes256-ctr,aes12...@openssh.com, >>>>>>>>>>>>>>>> aes256-...@openssh.com >>>>>>>>>>>>>>>> ,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc >>>>>>>>>>>>>>>> debug2: ciphers stoc: chacha20...@openssh.com >>>>>>>>>>>>>>>> ,aes128-ctr,aes192-ctr,aes256-ctr,aes12...@openssh.com, >>>>>>>>>>>>>>>> aes256-...@openssh.com >>>>>>>>>>>>>>>> ,aes128-cbc,aes192-cbc,aes256-cbc,3des-cbc >>>>>>>>>>>>>>>> debug2: MACs ctos: umac-...@openssh.com, >>>>>>>>>>>>>>>> umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com, >>>>>>>>>>>>>>>> hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com, >>>>>>>>>>>>>>>> uma...@openssh.com,umac...@openssh.com >>>>>>>>>>>>>>>> ,hmac-sha2-256,hmac-sha2-512,hmac-sha1 >>>>>>>>>>>>>>>> debug2: MACs stoc: umac-...@openssh.com, >>>>>>>>>>>>>>>> umac-128-...@openssh.com,hmac-sha2-256-...@openssh.com, >>>>>>>>>>>>>>>> hmac-sha2-512-...@openssh.com,hmac-sha1-...@openssh.com, >>>>>>>>>>>>>>>> uma...@openssh.com,umac...@openssh.com >>>>>>>>>>>>>>>> ,hmac-sha2-256,hmac-sha2-512,hmac-sha1 >>>>>>>>>>>>>>>> debug2: compression ctos: none,zl...@openssh.com,zlib >>>>>>>>>>>>>>>> debug2: compression stoc: none,zl...@openssh.com,zlib >>>>>>>>>>>>>>>> debug2: languages ctos: >>>>>>>>>>>>>>>> debug2: languages stoc: >>>>>>>>>>>>>>>> debug2: first_kex_follows 0 >>>>>>>>>>>>>>>> debug2: reserved 0 >>>>>>>>>>>>>>>> debug2: peer server KEXINIT proposal >>>>>>>>>>>>>>>> debug2: KEX algorithms: curve255...@libssh.org >>>>>>>>>>>>>>>> ,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 >>>>>>>>>>>>>>>> debug2: host key algorithms: >>>>>>>>>>>>>>>> ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 >>>>>>>>>>>>>>>> debug2: ciphers ctos: >>>>>>>>>>>>>>>> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, >>>>>>>>>>>>>>>> aes128-...@openssh.com,aes25...@openssh.com, >>>>>>>>>>>>>>>> chacha20...@openssh.com >>>>>>>>>>>>>>>> ,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour, >>>>>>>>>>>>>>>> rijndael-...@lysator.liu.se >>>>>>>>>>>>>>>> debug2: ciphers stoc: >>>>>>>>>>>>>>>> aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128, >>>>>>>>>>>>>>>> aes128-...@openssh.com,aes25...@openssh.com, >>>>>>>>>>>>>>>> chacha20...@openssh.com,ae >>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -- >>>>>>>>>>> You received this message because you are subscribed to a topic >>>>>>>>>>> in the Google Groups "sage-devel" group. >>>>>>>>>>> To unsubscribe from this topic, visit >>>>>>>>>>> https://groups.google.com/d/topic/sage-devel/4CgBfQ4_bqo/unsubscribe >>>>>>>>>>> . >>>>>>>>>>> To unsubscribe from this group and all its topics, send an email >>>>>>>>>>> to sage-devel+...@googlegroups.com. >>>>>>>>>>> To post to this group, send email to sage-...@googlegroups.com. >>>>>>>>>>> Visit this group at https://groups.google.com/group/sage-devel. >>>>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>>>> >>>>>>>>>> -- >>>>>>>>> You received this message because you are subscribed to a topic in >>>>>>>>> the Google Groups "sage-devel" group. >>>>>>>>> To unsubscribe from this topic, visit >>>>>>>>> https://groups.google.com/d/topic/sage-devel/4CgBfQ4_bqo/unsubscribe >>>>>>>>> . >>>>>>>>> To unsubscribe from this group and all its topics, send an email >>>>>>>>> to sage-devel+...@googlegroups.com. >>>>>>>>> To post to this group, send email to sage-...@googlegroups.com. >>>>>>>>> Visit this group at https://groups.google.com/group/sage-devel. >>>>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>> You received this message because you are subscribed to a topic in >>>>>>> the Google Groups "sage-devel" group. >>>>>>> To unsubscribe from this topic, visit >>>>>>> https://groups.google.com/d/topic/sage-devel/4CgBfQ4_bqo/unsubscribe >>>>>>> . >>>>>>> To unsubscribe from this group and all its topics, send an email to >>>>>>> sage-devel+...@googlegroups.com. >>>>>>> To post to this group, send email to sage-...@googlegroups.com. >>>>>>> Visit this group at https://groups.google.com/group/sage-devel. >>>>>>> For more options, visit https://groups.google.com/d/optout. >>>>>>> >>>>>> >>>>>> >>>>> >>>> >>> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "sage-devel" group. >> To unsubscribe from this topic, visit >> https://groups.google.com/d/topic/sage-devel/4CgBfQ4_bqo/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> sage-devel+...@googlegroups.com <javascript:>. >> To post to this group, send email to sage-...@googlegroups.com >> <javascript:>. >> Visit this group at https://groups.google.com/group/sage-devel. >> For more options, vi >> > -- You received this message because you are subscribed to the Google Groups "sage-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to sage-devel+unsubscr...@googlegroups.com. To post to this group, send email to sage-devel@googlegroups.com. Visit this group at https://groups.google.com/group/sage-devel. For more options, visit https://groups.google.com/d/optout.