Dare in pasto la password a SFTP

**magix2003** · 17-08-2005, 13:43

Putty mi collega hai computers tramite ssh io non pensandoci ho cancellato le chiavi cosi' adesso putty non trova la corrispondenza delle chiavbi ed ovviamente non mi fa entrare nel sistema... La mia domanda e' come si fanno a ripristanere le chiavi con putty?

**magix2003** · 17-08-2005, 14:03

Nei log di putty vi e' questro errore:

codice:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2005.08.17 14:00:56 =~=~=~=~=~=~=~=~=~=~=~=
login as: root
No supported authentication methods left to try!

Allora il problema e' del server e delle sue impostazioni, qualcuno sa come si connette putty? Magari ha sempre bisogno del controllo password....
ciao

**Ikitt** · 17-08-2005, 14:07

Originariamente inviato da magix2003
Nei log di putty vi e' questro errore:

codice:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2005.08.17 14:00:56 =~=~=~=~=~=~=~=~=~=~=~=
login as: root
No supported authentication methods left to try!

Allora il problema e' del server e delle sue impostazioni, qualcuno sa come si connette putty? Magari ha sempre bisogno del controllo password....

Se te, come mi pare, hai configurato il server ssh per accettare solo l'autenticazione mediante chiavi, ma hai cancellato le chiavi sul server, il risultato netto e`
- l'autenticazione con chiavi fallisce
- non essendoci altri metodi di autenticazione configurati, l'intero processo di autenticazione fallisce

conseguenza: da ssh non si entra. Serve un altro metodo (telnet, ftp, webmin...) o di recarsi fisicamente davanti alla macchina.

**magix2003** · 17-08-2005, 14:49

Si lo avevo intuito anche io ed adesso ho risolto, almeno parzialmente. Mi si e' presentato pero' un altro problema, ho settato gli altri due client ESATTAMENTE come quello funzionante, ma niente non funziona e da sempre lo stesso errore. Posto il debug, prima di quello non funzionante e poi di quello funzionante:

codice:

OpenSSH_4.1p1, OpenSSL 0.9.7f 22 Mar 2005
debug1: Reading configuration data /etc/ssh/ssh_config^M
debug2: ssh_connect: needpriv 0^M
debug1: Connecting to sniffer [10.150.51.21] port 22.^M
debug1: Connection established.^M
debug1: permanently_set_uid: 0/0^M
debug1: identity file /root/.ssh/identity type -1^M
debug1: identity file /root/.ssh/id_rsa type -1^M
debug1: identity file /root/.ssh/id_dsa type -1^M
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1 Debian-8.sarge.4^M
debug1: match: OpenSSH_3.8.1p1 Debian-8.sarge.4 pat OpenSSH_3.*^M
debug1: Enabling compatibility mode for protocol 2.0^M
debug1: Local version string SSH-2.0-OpenSSH_4.1^M
debug2: fd 3 setting O_NONBLOCK^M
debug1: SSH2_MSG_KEXINIT sent^M
debug1: SSH2_MSG_KEXINIT received^M
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1^M
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: first_kex_follows 0 ^M
debug2: kex_parse_kexinit: reserved 0 ^M
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1^M
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: first_kex_follows 0 ^M
debug2: kex_parse_kexinit: reserved 0 ^M
debug2: mac_init: found hmac-md5^M
debug1: kex: server->client aes128-cbc hmac-md5 none^M
debug2: mac_init: found hmac-md5^M
debug1: kex: client->server aes128-cbc hmac-md5 none^M
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent^M
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP^M
debug2: dh_gen_key: priv key bits set: 125/256^M
debug2: bits set: 489/1024^M
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent^M
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY^M
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts^M
debug3: check_host_in_hostfile: match line 1^M
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts^M
debug3: check_host_in_hostfile: match line 1^M
debug1: Host 'sniffer' is known and matches the RSA host key.^M
debug1: Found key in /root/.ssh/known_hosts:1^M
debug2: bits set: 505/1024^M
debug1: ssh_rsa_verify: signature correct^M
debug2: kex_derive_keys^M
debug2: set_newkeys: mode 1^M
debug1: SSH2_MSG_NEWKEYS sent^M
debug1: expecting SSH2_MSG_NEWKEYS^M
debug2: set_newkeys: mode 0^M
debug1: SSH2_MSG_NEWKEYS received^M
debug1: SSH2_MSG_SERVICE_REQUEST sent^M
debug2: service_accept: ssh-userauth^M
debug1: SSH2_MSG_SERVICE_ACCEPT received^M
debug2: key: /root/.ssh/identity ((nil))^M
debug2: key: /root/.ssh/id_rsa ((nil))^M
debug2: key: /root/.ssh/id_dsa ((nil))^M
debug1: Authentications that can continue: publickey,keyboard-interactive^M
debug3: start over, passed a different list publickey,keyboard-interactive^M
debug3: preferred publickey,keyboard-interactive,password^M
debug3: authmethod_lookup publickey^M
debug3: remaining preferred: keyboard-interactive,password^M
debug3: authmethod_is_enabled publickey^M
debug1: Next authentication method: publickey^M
debug1: Trying private key: /root/.ssh/identity^M
debug3: no such identity: /root/.ssh/identity^M
debug1: Trying private key: /root/.ssh/id_rsa^M
debug3: no such identity: /root/.ssh/id_rsa^M
debug1: Trying private key: /root/.ssh/id_dsa^M
debug3: no such identity: /root/.ssh/id_dsa^M
debug2: we did not send a packet, disable method^M
debug3: authmethod_lookup keyboard-interactive^M
debug3: remaining preferred: password^M
debug3: authmethod_is_enabled keyboard-interactive^M
debug1: Next authentication method: keyboard-interactive^M
debug2: userauth_kbdint^M
debug2: we sent a keyboard-interactive packet, wait for reply^M
debug1: Authentications that can continue: publickey,keyboard-interactive^M
debug3: userauth_kbdint: disable: no info_req_seen^M
debug2: we did not send a packet, disable method^M
debug1: No more authentication methods to try.^M
Permission denied (publickey,keyboard-interactive).^M

Funzionante:

codice:

OpenSSH_4.1p1, OpenSSL 0.9.7f 22 Mar 2005
debug1: Reading configuration data /etc/ssh/ssh_config^M
debug2: ssh_connect: needpriv 0^M
debug1: Connecting to sniffer [10.150.51.21] port 22.^M
debug1: Connection established.^M
debug1: permanently_set_uid: 0/0^M
debug1: identity file /root/.ssh/identity type -1^M
debug3: Not a RSA1 key file /root/.ssh/id_rsa.^M
debug2: key_type_from_name: unknown key type '-----BEGIN'^M
debug3: key_read: missing keytype^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug2: key_type_from_name: unknown key type '-----END'^M
debug3: key_read: missing keytype^M
debug1: identity file /root/.ssh/id_rsa type -1^M
debug3: Not a RSA1 key file /root/.ssh/id_dsa.^M
debug2: key_type_from_name: unknown key type '-----BEGIN'^M
debug3: key_read: missing keytype^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug3: key_read: missing whitespace^M
debug2: key_type_from_name: unknown key type '-----END'^M
debug3: key_read: missing keytype^M
debug1: identity file /root/.ssh/id_dsa type 2^M
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1 Debian-8.sarge.4^M
debug1: match: OpenSSH_3.8.1p1 Debian-8.sarge.4 pat OpenSSH_3.*^M
debug1: Enabling compatibility mode for protocol 2.0^M
debug1: Local version string SSH-2.0-OpenSSH_4.1^M
debug2: fd 3 setting O_NONBLOCK^M
debug1: SSH2_MSG_KEXINIT sent^M
debug1: SSH2_MSG_KEXINIT received^M
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1^M
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: first_kex_follows 0 ^M
debug2: kex_parse_kexinit: reserved 0 ^M
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1^M
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: none,zlib^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: ^M
debug2: kex_parse_kexinit: first_kex_follows 0 ^M
debug2: kex_parse_kexinit: reserved 0 ^M
debug2: mac_init: found hmac-md5^M
debug1: kex: server->client aes128-cbc hmac-md5 none^M
debug2: mac_init: found hmac-md5^M
debug1: kex: client->server aes128-cbc hmac-md5 none^M
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent^M
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP^M
debug2: dh_gen_key: priv key bits set: 129/256^M
debug2: bits set: 525/1024^M
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent^M
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY^M
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts^M
debug3: check_host_in_hostfile: match line 1^M
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts^M
debug3: check_host_in_hostfile: match line 1^M
debug1: Host 'sniffer' is known and matches the RSA host key.^M
debug1: Found key in /root/.ssh/known_hosts:1^M
debug2: bits set: 513/1024^M
debug1: ssh_rsa_verify: signature correct^M
debug2: kex_derive_keys^M
debug2: set_newkeys: mode 1^M
debug1: SSH2_MSG_NEWKEYS sent^M
debug1: expecting SSH2_MSG_NEWKEYS^M
debug2: set_newkeys: mode 0^M
debug1: SSH2_MSG_NEWKEYS received^M
debug1: SSH2_MSG_SERVICE_REQUEST sent^M
debug2: service_accept: ssh-userauth^M
debug1: SSH2_MSG_SERVICE_ACCEPT received^M
debug2: key: /root/.ssh/identity ((nil))^M
debug2: key: /root/.ssh/id_rsa ((nil))^M
debug2: key: /root/.ssh/id_dsa (0x941e110)^M
debug1: Authentications that can continue: publickey,keyboard-interactive^M
debug3: start over, passed a different list publickey,keyboard-interactive^M
debug3: preferred publickey,keyboard-interactive,password^M
debug3: authmethod_lookup publickey^M
debug3: remaining preferred: keyboard-interactive,password^M
debug3: authmethod_is_enabled publickey^M
debug1: Next authentication method: publickey^M
debug1: Trying private key: /root/.ssh/identity^M
debug3: no such identity: /root/.ssh/identity^M
debug1: Trying private key: /root/.ssh/id_rsa^M
debug1: read PEM private key done: type RSA^M
debug3: sign_and_send_pubkey^M
debug2: we sent a publickey packet, wait for reply^M
debug1: Authentication succeeded (publickey).^M
debug2: fd 5 setting O_NONBLOCK^M
debug1: channel 0: new [client-session]^M
debug3: ssh_session2_open: channel_new: 0^M
debug2: channel 0: send open^M
debug1: Entering interactive session.^M
debug2: callback start^M
debug2: client_session2_setup: id 0^M
debug2: channel 0: request pty-req confirm 0^M
debug3: tty_make_modes: ospeed 38400^M
debug3: tty_make_modes: ispeed 38400^M
debug3: tty_make_modes: 1 3^M
debug3: tty_make_modes: 2 28^M
debug3: tty_make_modes: 3 127^M
debug2: channel 0: request shell confirm 0^M
debug2: fd 3 setting TCP_NODELAY^M
debug2: callback done^M
debug3: tty_make_modes: 93 0^M
debug2: channel 0: request shell confirm 0^M
debug2: fd 3 setting TCP_NODELAY^M
debug2: callback done^M
debug2: channel 0: open confirm rwindow 0 rmax 32768^M
debug2: channel 0: rcvd adjust 131072^M
Last login: Wed Aug 17 14:40:49 2005 from probe3.siag.it^M^M

Scusate se vi rompo tanto ma non so piu' dove sbattere la testa... pensavo fosse piu' facile configurare ssh
ciao

**Ikitt** · 17-08-2005, 14:56

Originariamente inviato da magix2003

codice:

[...]
debug1: SSH2_MSG_SERVICE_ACCEPT received^M
debug2: key: /root/.ssh/identity ((nil))^M
debug2: key: /root/.ssh/id_rsa ((nil))^M
debug2: key: /root/.ssh/id_dsa ((nil))^M
[...]

Nessuna chiave disponibile, per questo non funziona; infatti...

Funzionante:

codice:

[...]
debug1: SSH2_MSG_SERVICE_ACCEPT received^M
debug2: key: /root/.ssh/identity ((nil))^M
debug2: key: /root/.ssh/id_rsa ((nil))^M
debug2: key: /root/.ssh/id_dsa (0x941e110)^M
[...]

Qui funziona perche` usa una chiave DSA.

PS: il login diretto come root e` sconsigliato

**magix2003** · 17-08-2005, 14:59

Come fa ad utilizzare una chiave dsa se ho impostato la chiave con rsa in tutti e due i client, tral'altro nel file di config e' permessa solo la RSA. Comunque se io generassi una chiave dsa nel client e la trasferissi nel server dovrebbe funzionare...
Ci provero' ciao
P.S ho controlla to il file authorized_keys ha le chiavi rsa quindi il server non so dove vada a prendere la chiave dsa.

Discussione: Dare in pasto la password a SFTP

Strumenti discussione

Ricerca discussione

Visualizza

Permessi di invio