1

I'm using linux system I created a ssh key on local directory $ ssh-keygen -t rsa -f ~/.ssh/id_rsa

and then uploaded the public key to planetLab system

then I tried to log in a PlanetLab node using: ssh -v
the debug information is as follows:

    OpenSSH_5.8p2, OpenSSL 1.0.0j-fips 10 May 2012
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: Connecting to openlab01.pl.sophia.inria.fr [138.96.116.22] port 22. 
    debug1: Connection established.
    debug1: identity file /user/wgong/home/.ssh/id_rsa type 1
    debug1: identity file /user/wgong/home/.ssh/id_rsa-cert type -1
    debug1: identity file /user/wgong/home/.ssh/id_dsa type -1
    debug1: identity file /user/wgong/home/.ssh/id_dsa-cert type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.5
    debug1: match: OpenSSH_5.5 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0 
    debug1: Local version string SSH-2.0-OpenSSH_5.8
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-ctr hmac-md5 none
    debug1: kex: client->server aes128-ctr hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Server host key: RSA 3b:a4:2a:ec:89:d0:7b:d7:b2:08:fe:ca:0d:24:ae:20
    debug1: Host 'openlab01.pl.sophia.inria.fr' is known and matches the RSA host key.
    debug1: Found key in /user/wgong/home/.ssh/known_hosts:10
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: Roaming not allowed by server
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /user/wgong/home/.ssh/id_rsa
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Trying private key: /user/wgong/home/.ssh/id_dsa
    debug1: Next authentication method: keyboard-interactive
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: No more authentication methods to try.
    Permission denied (publickey,keyboard-interactive).

how to deal with this problem? thanks!

I notice a problem, previously, our group is tika now it is changed to uslin however, even if I deleted the previous keys and use ssh-keygen to generate new keys, the group is still as below:

-rw------- 1 wgong tika 1766 Mar  6 19:06 id_rsa
-rw-r--r-- 1 wgong tika  394 Mar  6 19:06 id_rsa.pub
-rw-r--r-- 1 wgong uslin   3987 Mar  6 18:11 known_hosts

is this the problem? how to fix it? thanks!

user1944267
  • 1,557
  • 5
  • 20
  • 27

1 Answers1

7

Make sure your ~/.ssh/authorized_keys file on the server contains your publik key. Also, check this file's permissions - if permissions are too lax, you won't be able to log in:

chmod 600 ~/.ssh/authorized_keys
chmod 700 ~/.ssh/
chmod 700 ~

Yes, even your home directory's permissions may make logging in with the key impossible.

Michał Kosmulski
  • 9,855
  • 1
  • 32
  • 51
  • recently, our group name has changed from tika to uslin, it is strange that when I use ssh-keygen -t rsa -f ~/.ssh/id_rsa to create rsa keys, the created keys are still with previous group names, and I can't use chgrp to modify it. Is this the problem? – user1944267 Mar 06 '13 at 18:08
  • @user1944267 For most cases only the group's ID counts, not its name. Certainly you need to be the owner of you `~/.ssh` directory, but the raw `id_rsa` and `id_rsa.pub` files shouldn't really matter (you need to copy your public key to `~/.ssh/authorized_keys` on the server anyway, so it's that file's access rights that matter). – Michał Kosmulski Mar 06 '13 at 21:46