# ssh fails on internal network

## jedsen

When I try to ssh into my laptop, I get this error:

 *Quote:*   

> OpenSSH_4.2p1, OpenSSL 0.9.7e 25 Oct 2004
> 
> debug1: Reading configuration data /etc/ssh/ssh_config
> 
> debug1: Connecting to 192.168.2.2 [192.168.2.2] port 22.
> ...

 

I'm able to ssh into my desktop from my laptop, just not the other way around. I don't have access to the sshd_config on the laptop because it's half-way b0rked, It looks like I don't have a private key? How do I generate one?

----------

## desultory

I do not know the error messages for failed versus lacking private keys.

To generate new keys use ssh-keygen (net-misc/openssh), for default key sizes: 

```
ssh-keygen -t $type
```

 Where $type is one of rsa, dsa or rsa1.  When you use the new keys you will get errors about having the wrong key if you had a key associated with that user on that machine, unless you maunally reshare the key.

Before you generate new keys check your ~/.ssh/ to see what is there, if you have valid keys in that directory, you have other problems.

----------

## jedsen

Generating a private key didn't help, as it is not listed in  ~/.ssh/authorized_keys on the remote machine.

Still, shouldn't the keyboard-interactive and password authentication work? It looks like it's skipping them for some reason.

----------

## desultory

As you had stated that you retained access from the laptop to the desktop, why not ssh in and copy it over?

It is quite possible to configure openssh to not use such forms of authenication.Last edited by desultory on Sun Jan 15, 2006 8:12 pm; edited 1 time in total

----------

## jedsen

 *desultory wrote:*   

> As you had stated that you retained access from the laptop to the desktop, why not ssh in any copy it over?
> 
> It is quite possible to configure openssh to not use such forms of authenication.

 

Yes, but as I cannot ssh into my laptop, and do not have access to it at the moment, I cannot copy the correct keys over.

My question is, why isn't the password/keyboard authentication method working?

Oh, and by the way, thank you for your help    :Very Happy: 

----------

## desultory

Once you can access the laptop, physically, you should be able to ssh in to your desktop and copy the key into the right place to allow the desktop to reciprocate the connection.

You might have a problem with PAM or you could have 'PasswordAuthentication' set to 'no' in the sshd config file, in which case this behaviour is what you asked for.

----------

## jedsen

I didn't say that clearly, I completely removed PAM from my system, so I can no longer log in manually.

It looks like the lack of PAM is the problem. What s stupid mistake, no? Anyway, thanks, desultory, and let this be a lesson to all you out there. My laptop is now completely unusable, because of this, for I can't boot a cd either.

----------

## desultory

All might not yet be lost. 

If you can use grub to boot you might be able to use the old init= trick to get things working enough to get PAM back.

In broad strokes (note that I have not tried this):

Start your machine with your normal kernel command line plus init=/bin/bash.

Change your inittab so that instead of agetty it starts bash on at least tty1.

Reboot (for geek points exec init instead of rebooting).

Revert your inittab.

Emerge PAM and and anything that might use it (openssh, et cetera ).

Take solace in the facts that (a) you are not alone and (b) will likely never do that again.

----------

## jedsen

Awesome, your instructions worked, pam is now re-installed on my laptop. Thanks much! For prosterity:

After init booted, the file system was mounted read-only, so I ran:

```
mount -o remount -rw -t <filesystem type> /dev/hdaX /
```

then edited /etc/inittab

Also, executing init didn't work, i got this error: /dev/initctl: no such file, or some such, so I rebooted.

Thanks again, desultory! You really saved me.

----------

