SSHD and PubkeyAuthentication

Support for security such as Firewalls and securing linux
Post Reply
javaguy
Posts: 5
Joined: 2005/03/18 16:12:38

SSHD and PubkeyAuthentication

Post by javaguy » 2005/06/15 06:54:40

Hi All,
Has anyone successfully got sshd to authenticate user using their public key and pass phrase? Here is what I have done and it is working fine on the Gentoo box but not on CentOS4


Using SSH Secure Shell I created a key and upload it to my CentOS 4 machine. Under my home dir I have a .ssh2/ and the authorized_keys and my mykey.pub.

Here is my current sshd_config:

Port 22
Protocol 2
SyslogFacility AUTHPRIV
LogLevel DEBUG
StrictModes no
MaxAuthTries 3
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

PasswordAuthentication no
PermitEmptyPasswords no

ChallengeResponseAuthentication no

UsePAM no

Subsystem sftp /usr/libexec/openssh/sftp-server

This current setting I am getting a "No further authentication methods available". Changing "UsePAM yes" and "ChallengeResponseAuthentication yes" I can use my account password to log in. What am I missing? or What am I doing wrong?


Thanks

Doug Pham

dsegall
Posts: 22
Joined: 2005/02/08 18:37:42
Location: All up in it...
Contact:

SSHD and PubkeyAuthentication

Post by dsegall » 2005/06/15 13:58:29

By default, you should'nt need to mess with your sshd_config to get a key to work. All you should need to do is:

- create the key on the machine you are logging in from.
- transfer the pub keyfile to the user's .ssh dir on the host you are trying to log into.
- login as that user, cat the contents of the keyfile to the users authorized_keys file.
- delete the pub key
- chmod 600 everything in .ssh
- logout & try to login as that user again

If that isn't working, try pointing your ssh client to the keyfile using:
ssh -i /path/to/id.pub

Hope that helps.

javaguy
Posts: 5
Joined: 2005/03/18 16:12:38

Re: SSHD and PubkeyAuthentication

Post by javaguy » 2005/06/15 20:30:41

dsegall,
Jus a quick check, currently my workstation is using the SSH Secure Shell v3.2.9 while the remote server is running SSH-2.0-OpenSSH_3.9p1. When I create the keys, I noticed that they are formatted differently. Could this be a problem? Our workstations here are Windows 2K & XP, is there another tool to use that would be compatible with openSSH?


Thanks

Doug Pham

javaguy
Posts: 5
Joined: 2005/03/18 16:12:38

Re: SSHD and PubkeyAuthentication

Post by javaguy » 2005/06/16 02:27:19

dsegall,
Thanks for the help. It turns out that I need to create the original key using openSSH. I then use puttygen to import for putty & winscp and can also export the key for ssh.com. It's working good now, I have a few more tests to do but thanks for the information.


Doug

Post Reply

Return to “CentOS 4 - Security Support”