Public key authentication issues on cygwin
I've been trying "ssh localhost" on cygwin (I use WIndows 7), but it keeps asking for the password.
When I did "ssh -vvv localhost", I found out that the public key authentications were not happening (or failing). Hence, it was asking for the password.
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/xxxxxxxx/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password,keyboard-interactive
I'm not sure if it is unable to read the authorized_keys file, or if there is a timeout issue with this, or did the authentication fail? Is there any way to get more details?
I have done the following steps:
- ssh-host-config. Answered yes to all.
- Generated the RSA key and added it to the authorized_keys file.
- net start sshd
- ssh localhost
These are the permissions:
-rw------- 1 xxxxxxxx mkgroup 402 May 18 16:34 authorized_keys
-rw------- 1 xxxxxxxx mkgroup 1675 May 18 16:33 id_rsa
-rw-r--r-- 1 xxxxxxxx mkgroup 402 May 18 16:33 id_rsa.pub
-rw-r--r-- 1 xxxxxxxx mkgroup 171 May 18 14:33 known_hosts
There are a couple of issues as well: - The group is displayed as mkgroup. - The user "xxxxxxxx" does not exist in the localhost, I guess. It was not displayed in "net user sshd". "xxxxxxxx" is a Domain account. Could this be causing the public key authentication issue?
Just to see if there is any difference in the output, I deleted the authorized_keys file and tried. There was no difference in the output. It still sends a packet and proceeds to the next mode of authentication. There is no error message. Is there any other way to get more details (I'm a Cygwin and SSH n00b)? I would like to find it fails while reading the authorized_keys file.
Answer
Quick double-check, did you add your public key or private key to authorized_keys? It needs to be your public key.
I notice that the server is not responding with a "Server accepts key..." upon receipt of your pubkey_test and I have seen that when the public key is missing from the authorized_keys file on the server you're connecting to. You should see:
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
Easiest way to set it up is to use ssh-copy-id to do the work, e.g.,:
# ssh-copy-id localhost
That will create your authorized_keys file with the correct permissions. When you run this, you will be prompted for your password, because the server doesn't have the key. Once this command runs successfully, you'll be able to simply ssh to the server using your identity file. Note that ssh_config defaults the identity file to ~/.ssh/identity, ~/.ssh/id_rsa, ~/.ssh/id_dsa, so if you want to use a different file, you should set up an alias in ~/.ssh/config.
Hope this helps.