# SOLVED ssh Permission denied (publickey,keyboard-interactive

## Joseph_sys

I have two Gentoo servers and I can ssh internal between them without any problems.

However, I'm trying to setup it up so I can log-in externaly from any comuter using Knoppix but I'm getting an error when I try to log-in:

 *Quote:*   

> Permission denied (publickey,keyboard-interactive)

 

I've coppied added public-key (id_dsa.pub) from my Gentoo sever to Knoppix /ramdisk/home/knoppix/.ssh/authorized_keys

The setting in knoppix /etc/ssh/sshd_conf shouldn't effect the operation, since I'm not trying to log-into Knoppix but from Knoppix to my server (my server is running sshd), knopix is not.

Knoppix /etc/ssh/ssh_conf

 *Quote:*   

> #       $OpenBSD: ssh_config,v 1.9 2001/03/10 12:53:51 deraadt Exp $
> 
> # This is ssh client systemwide configuration file.  See ssh(1) for more
> 
> # information.  This file provides defaults for users, and the values can
> ...

 

Here is the output from ssh -vvv

 *Quote:*   

> knoppix@1[knoppix]$ ssh -vvv joseph@205.206.12.103
> 
> OpenSSH_3.8.1p1 Debian-8.sarge.4, OpenSSL 0.9.7g 11 Apr 2005
> 
> debug1: Reading configuration data /etc/ssh/ssh_config
> ...

 

Why am I getting this error?

#JosephLast edited by Joseph_sys on Sun Nov 20, 2005 9:12 pm; edited 1 time in total

----------

## frostschutz

Uh. The public key goes to the server you want to log into. The client then requires the private key to be able to log into the server. Your description sounds like you got it the wrong way around.

----------

## Joseph_sys

 *frostschutz wrote:*   

> Uh. The public key goes to the server you want to log into. The client then requires the private key to be able to log into the server. Your description sounds like you got it the wrong way around.

 

Correct me if I'm wrong (though I think I'm not ;-/)

Gentoo server (the one I'm trying to long-into) has a public key and private key in ~.ssh/

So the server I'm logging into has both keys Public and Private.  But the client I'm logging from "Knoppix booted PC" has only "Gentoo server Pubic key" in ~.ssh/authorized_keys

2.)

Connection between two Gentoo servers works fine, but not from Knoppix booted PC I was running ssh in debug mode and I've narrow it down to 

the authorization method ssh is trying to use.  When I'm logging from Getnoo workstation the authorization ssh is trying to use:

service ssh-connection method publickey

When I try to login from Knoppix booted PC, ssh is trying to use:

ssh-connection method keyboard-interactive

Here is debug-log from Knoppix (failed) vs Gentoo (successful) login

attempt:

Gentoo (success)

 *Quote:*   

> debug1: userauth-request for user joseph service ssh-connection method none
> 
> debug1: attempt 0 failures 0
> 
> Failed none for joseph from 68.148.84.225 port 61399 ssh2
> ...

 

Knoppix (failed):

 *Quote:*   

> debug1: userauth-request for user joseph service ssh-connection method none
> 
> debug1: attempt 0 failures 0
> 
> Failed none for joseph from 68.148.84.225 port 61398 ssh2
> ...

 

What file control ssh-connection method?

----------

## frostschutz

 *Joseph_sys wrote:*   

> Gentoo server (the one I'm trying to long-into) has a public key and private key in ~.ssh/
> 
> So the server I'm logging into has both keys Public and Private.  But the client I'm logging from "Knoppix booted PC" has only "Gentoo server Pubic key" in ~.ssh/authorized_keys

 

That's wrong. The idea of public/private key pair is that you are the owner, and hand out only the public one for example, you give your public key to the server administrator and he uses it to provide you with an account. The private key is your personal key, you should not hand it out to anyone ever. It's supposed to be on your (client) machine only, never on the server. Otherwise, if you got accounts on several servers using the same key, as soon as just one server is compromised, the hacker gains access to all your other accounts because he's in possession of your private key.

----------

## Joseph_sys

 *frostschutz wrote:*   

>  *Joseph_sys wrote:*   Gentoo server (the one I'm trying to long-into) has a public key and private key in ~.ssh/
> 
> So the server I'm logging into has both keys Public and Private.  But the client I'm logging from "Knoppix booted PC" has only "Gentoo server Pubic key" in ~.ssh/authorized_keys 
> 
> That's wrong. The idea of public/private key pair is that you are the owner, and hand out only the public one for example, you give your public key to the server administrator and he uses it to provide you with an account. The private key is your personal key, you should not hand it out to anyone ever. It's supposed to be on your (client) machine only, never on the server. Otherwise, if you got accounts on several servers using the same key, as soon as just one server is compromised, the hacker gains access to all your other accounts because he's in possession of your private key.

 

Thank you for correcting me. Your were absolutely right  :Smile: .  It works like a charm.

I need to generate key-pair in Knoppix and copy public key into Gentoo ~.ssh/authorized_keys

Such a simple logical mistake, can believe it; and I've been using GPG for so long.

----------

