Conversation
precedente ou
suivante
Connexion ssh impossible
Envoyé par:
Cyril M.
Bonjour,
Je m'arrache les cheveux sur un facheux probleme pour créer une liaison ssh entre un serveur linux et une machine distante avec echange de clés et surtout SANS mot de passe (la machine distante n'a pas d'ecran, ni clavier).
Lorsque je lance :
ssh -v -v -v 172.17.0.148 -F /appli/save/comp/param/ssh_config
j'obtiens:
user@serverlinux:/appli/save/var/log> cat 5739trace_ssh.log
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090609f
5749: debug1: Reading configuration data /appli/save/comp/param/ssh_config
5749: debug1: Applying options for *
5749: debug1: Rhosts Authentication disabled, originating port will not be trusted.
5749: debug1: ssh_connect: needpriv 0
5749: debug1: Connecting to 172.17.0.148 [172.17.0.148] port 22.
5749: debug1: Connection established.
5749: debug3: Not a RSA1 key file /appli/save/comp/param/id_dsa.
5749: debug2: key_type_from_name: unknown key type '-----BEGIN'
5749: debug3: key_read: no key found
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug2: key_type_from_name: unknown key type '-----END'
5749: debug3: key_read: no key found
5749: debug1: identity file /appli/save/comp/param/id_dsa type -1
5749: debug1: Remote protocol version 2.0, remote software version OpenSSH_3.6p1
5749: debug1: match: OpenSSH_3.6p1 pat OpenSSH*
5749: debug1: Enabling compatibility mode for protocol 2.0
5749: debug1: Local version string SSH-2.0-OpenSSH_3.5p1
5749: debug1: SSH2_MSG_KEXINIT sent
5749: debug1: SSH2_MSG_KEXINIT received
5749: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
5749: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
5749: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
5749: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
5749: debug2: kex_parse_kexinit: none,zlib
5749: debug2: kex_parse_kexinit: none,zlib
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit: first_kex_follows 0
5749: debug2: kex_parse_kexinit: reserved 0
5749: debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
5749: debug2: kex_parse_kexinit: ssh-dss
5749: debug2: kex_parse_kexinit: blowfish-cbc,3des-cbc
5749: debug2: kex_parse_kexinit: blowfish-cbc,3des-cbc
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
5749: debug2: kex_parse_kexinit: none
5749: debug2: kex_parse_kexinit: none
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit: first_kex_follows 0
5749: debug2: kex_parse_kexinit: reserved 0
5749: debug2: mac_init: found hmac-md5
5749: debug1: kex: server->client 3des-cbc hmac-md5 none
5749: debug2: mac_init: found hmac-md5
5749: debug1: kex: client->server 3des-cbc hmac-md5 none
5749: debug1: dh_gen_key: priv key bits set: 191/384
5749: debug1: bits set: 532/1024
5749: debug1: sending SSH2_MSG_KEXDH_INIT
5749: debug1: expecting SSH2_MSG_KEXDH_REPLY
5749: debug3: check_host_in_hostfile: filename /appli/save/comp/param/known_hosts
5749: debug3: check_host_in_hostfile: match line 1
5749: debug1: Host '172.17.0.148' is known and matches the DSA host key.
5749: debug1: Found key in /appli/save/comp/param/known_hosts:1
5749: debug1: bits set: 525/1024
5749: debug1: ssh_dss_verify: signature correct
5749: debug1: kex_derive_keys
5749: debug1: newkeys: mode 1
5749: debug1: SSH2_MSG_NEWKEYS sent
5749: debug1: waiting for SSH2_MSG_NEWKEYS
5749: debug1: newkeys: mode 0
5749: debug1: SSH2_MSG_NEWKEYS received
5749: debug1: done: ssh_kex2.
5749: debug1: send SSH2_MSG_SERVICE_REQUEST
5749: debug1: service_accept: ssh-userauth
5749: debug1: got SSH2_MSG_SERVICE_ACCEPT
5749: debug1: authentications that can continue: publickey
5749: debug3: start over, passed a different list publickey
5749: debug3: preferred publickey
5749: debug3: authmethod_lookup publickey
5749: debug3: remaining preferred:
5749: debug3: authmethod_is_enabled publickey
5749: debug1: next auth method to try is publickey
5749: debug1: try privkey: /appli/save/comp/param/id_dsa
5749: debug1: read PEM private key done: type DSA
5749: debug3: sign_and_send_pubkey
5749: debug2: we sent a publickey packet, wait for reply
5749: debug1: authentications that can continue: publickey
5749: debug2: we did not send a packet, disable method
5749: debug1: no more auth methods to try
5749: Permission denied (publickey).
5749: debug1: Calling cleanup 0x8068d70(0x0)
Attend t il une réponse qui n'arrive jamais (wait for reply)
Cela signifie t il que les ports ne sont pas ouverts?
Si vous avez la moindre piste, je suis preneur.
Je m'arrache les cheveux sur un facheux probleme pour créer une liaison ssh entre un serveur linux et une machine distante avec echange de clés et surtout SANS mot de passe (la machine distante n'a pas d'ecran, ni clavier).
Lorsque je lance :
ssh -v -v -v 172.17.0.148 -F /appli/save/comp/param/ssh_config
j'obtiens:
user@serverlinux:/appli/save/var/log> cat 5739trace_ssh.log
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090609f
5749: debug1: Reading configuration data /appli/save/comp/param/ssh_config
5749: debug1: Applying options for *
5749: debug1: Rhosts Authentication disabled, originating port will not be trusted.
5749: debug1: ssh_connect: needpriv 0
5749: debug1: Connecting to 172.17.0.148 [172.17.0.148] port 22.
5749: debug1: Connection established.
5749: debug3: Not a RSA1 key file /appli/save/comp/param/id_dsa.
5749: debug2: key_type_from_name: unknown key type '-----BEGIN'
5749: debug3: key_read: no key found
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug2: key_type_from_name: unknown key type '-----END'
5749: debug3: key_read: no key found
5749: debug1: identity file /appli/save/comp/param/id_dsa type -1
5749: debug1: Remote protocol version 2.0, remote software version OpenSSH_3.6p1
5749: debug1: match: OpenSSH_3.6p1 pat OpenSSH*
5749: debug1: Enabling compatibility mode for protocol 2.0
5749: debug1: Local version string SSH-2.0-OpenSSH_3.5p1
5749: debug1: SSH2_MSG_KEXINIT sent
5749: debug1: SSH2_MSG_KEXINIT received
5749: debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
5749: debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
5749: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
5749: debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
5749: debug2: kex_parse_kexinit: none,zlib
5749: debug2: kex_parse_kexinit: none,zlib
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit: first_kex_follows 0
5749: debug2: kex_parse_kexinit: reserved 0
5749: debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
5749: debug2: kex_parse_kexinit: ssh-dss
5749: debug2: kex_parse_kexinit: blowfish-cbc,3des-cbc
5749: debug2: kex_parse_kexinit: blowfish-cbc,3des-cbc
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
5749: debug2: kex_parse_kexinit: hmac-md5,hmac-sha1
5749: debug2: kex_parse_kexinit: none
5749: debug2: kex_parse_kexinit: none
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit:
5749: debug2: kex_parse_kexinit: first_kex_follows 0
5749: debug2: kex_parse_kexinit: reserved 0
5749: debug2: mac_init: found hmac-md5
5749: debug1: kex: server->client 3des-cbc hmac-md5 none
5749: debug2: mac_init: found hmac-md5
5749: debug1: kex: client->server 3des-cbc hmac-md5 none
5749: debug1: dh_gen_key: priv key bits set: 191/384
5749: debug1: bits set: 532/1024
5749: debug1: sending SSH2_MSG_KEXDH_INIT
5749: debug1: expecting SSH2_MSG_KEXDH_REPLY
5749: debug3: check_host_in_hostfile: filename /appli/save/comp/param/known_hosts
5749: debug3: check_host_in_hostfile: match line 1
5749: debug1: Host '172.17.0.148' is known and matches the DSA host key.
5749: debug1: Found key in /appli/save/comp/param/known_hosts:1
5749: debug1: bits set: 525/1024
5749: debug1: ssh_dss_verify: signature correct
5749: debug1: kex_derive_keys
5749: debug1: newkeys: mode 1
5749: debug1: SSH2_MSG_NEWKEYS sent
5749: debug1: waiting for SSH2_MSG_NEWKEYS
5749: debug1: newkeys: mode 0
5749: debug1: SSH2_MSG_NEWKEYS received
5749: debug1: done: ssh_kex2.
5749: debug1: send SSH2_MSG_SERVICE_REQUEST
5749: debug1: service_accept: ssh-userauth
5749: debug1: got SSH2_MSG_SERVICE_ACCEPT
5749: debug1: authentications that can continue: publickey
5749: debug3: start over, passed a different list publickey
5749: debug3: preferred publickey
5749: debug3: authmethod_lookup publickey
5749: debug3: remaining preferred:
5749: debug3: authmethod_is_enabled publickey
5749: debug1: next auth method to try is publickey
5749: debug1: try privkey: /appli/save/comp/param/id_dsa
5749: debug1: read PEM private key done: type DSA
5749: debug3: sign_and_send_pubkey
5749: debug2: we sent a publickey packet, wait for reply
5749: debug1: authentications that can continue: publickey
5749: debug2: we did not send a packet, disable method
5749: debug1: no more auth methods to try
5749: Permission denied (publickey).
5749: debug1: Calling cleanup 0x8068d70(0x0)
Attend t il une réponse qui n'arrive jamais (wait for reply)
Cela signifie t il que les ports ne sont pas ouverts?
Si vous avez la moindre piste, je suis preneur.
Poste le Thursday 9 March 2006 18:27:15
Re: Connexion ssh impossible
Envoyé par:
chromosome
Tu as surtout un probleme bien avant ca .
5749: debug3: Not a RSA1 key file /appli/save/comp/param/id_dsa.
5749: debug2: key_type_from_name: unknown key type '-----BEGIN'
5749: debug3: key_read: no key found
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug2: key_type_from_name: unknown key type '-----END'
Ta cle n'a pas l'air d'etre au point. Du moins celle-a, tu peux specifier ta cle avec le "-i" dans ssh.
5749: debug3: Not a RSA1 key file /appli/save/comp/param/id_dsa.
5749: debug2: key_type_from_name: unknown key type '-----BEGIN'
5749: debug3: key_read: no key found
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug3: key_read: no space
5749: debug2: key_type_from_name: unknown key type '-----END'
Ta cle n'a pas l'air d'etre au point. Du moins celle-a, tu peux specifier ta cle avec le "-i" dans ssh.
Poste le Thursday 9 March 2006 20:38:58
Ce forum !
Connexion ssh impossible
Posez dans ce forum les questions qui ne trouvent pas place dans les autres...
Sauf mention contraire, les documentations publiées sont sous licence Creative-Commons