2

I connect from a Linux machine to several Macs over ssh using public/private keys.

The setup is the identical on every ac, different OSs from 10.5 to 10.9 and publickey working. Only one of them, running OS X 10.9.5, keeps asking for user's password instead of using publickey.

Actually there's no access using publickey from any machine

ssh -vvv is:

...
debug1: Authentications that can continue: publickey,keyboard-interactive
debug3: start over, passed a different list publickey,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering DSA public key: /Users/akeeem/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /Users/akeeem/.ssh/id_rsa
debug3: no such identity: /Users/akeeem/.ssh/id_rsa: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup keyboard-interactive
debug3: remaining preferred: password
debug3: authmethod_is_enabled keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug2: userauth_kbdint
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: input_userauth_info_req
debug2: input_userauth_info_req: num_prompts 1
Password:

What should i check to make sure publickey is operational?

DisplayName
  • 11,688
akeeem
  • 21
  • Is the Mac the client or the server? The above output looks like the Mac is the client, because it's using a file in /Users/akeem, but you said connect from a linux machine. – Barmar Nov 17 '14 at 21:39
  • 1
    The verbose message is pretty clear: the file ~/.ssh/id_rsa is missing on this machine. Copy it from one of the working machines. – Barmar Nov 17 '14 at 21:47
  • @Barmar The client sent a DSA key, which would be just as good. – Gilles 'SO- stop being evil' Nov 18 '14 at 08:57
  • See http://unix.stackexchange.com/questions/16978/how-to-make-password-less-login-work for a basic checklist. If you've checked every item, post the output of the corresponding commands (e.g. ls -l /path/to/file if a file's permissions are relevant), and the content of ~/.ssh/authorized_keys on the server. – Gilles 'SO- stop being evil' Nov 18 '14 at 08:59

1 Answers1

0

you must ensure ssh server had configured to accept public key authentication.

Then if message error said we did not send a packet, disable method meaning ssh server had some trouble to access authorized_keys file. You should check:

The syntax of authorized_keys is correct. The permission of .ssh directory and authorized_keys file is correct. The good option is using ssh-copy-id to copy your public key file to server, it will create all files and directory with necessary permission.

ssh-copy-id -i /home/username/.ssh/id_rsa.pub username@server

BDRSuite
  • 343