[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Can't ssh to root



On Thu, May 21, 2015 at 10:57 PM, SGhosh <sghosh redhat com> wrote:
> #PermitRootLogin yes
> ?

I believe the commented out values are indeed the defaults, but
nevertheless I have the same issue with this set explicitly and sshd
restarted.
As an aside, I also ran:
echo vagrant | passwd --stdin root
to ensure a valid root password was possible, even when not set previously.

If any know knows why it's not working, I'd appreciate it, otherwise
I'll try again tomorrow with a clear head once I can get
/var/log/secure back and working again ;)

Cheers,
James

>
>
> On 05/21/2015 05:21 PM, James wrote:
>>
>> I'm having trouble SSH-ing to root on an atomic host. To make it easy
>> to debug, I can replicate the issue *from* the host.
>>
>> boot up atomic host. I'm using Fedora 21
>>
>> $ cat foo
>> Host localhost
>>    HostName localhost
>>    User vagrant
>>    Port 22
>>    UserKnownHostsFile /dev/null
>>    StrictHostKeyChecking no
>>    PasswordAuthentication no
>>    IdentityFile insecure_private_key
>>    IdentitiesOnly yes
>>    LogLevel FATAL
>>
>> $ ssh -v -t -F foo root localhost
>> OpenSSH_6.8p1, OpenSSL 1.0.1k-fips 8 Jan 2015
>> debug1: Reading configuration data foo
>> debug1: foo line 1: Applying options for localhost
>> debug1: Connecting to localhost [::1] port 22.
>> debug1: Connection established.
>> debug1: key_load_public: No such file or directory
>> debug1: identity file insecure_private_key type -1
>> debug1: key_load_public: No such file or directory
>> debug1: identity file insecure_private_key-cert type -1
>> debug1: Enabling compatibility mode for protocol 2.0
>> debug1: Local version string SSH-2.0-OpenSSH_6.8
>> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
>> debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
>> debug1: SSH2_MSG_KEXINIT sent
>> debug1: SSH2_MSG_KEXINIT received
>> debug1: kex: server->client aes128-ctr umac-64-etm openssh com none
>> debug1: kex: client->server aes128-ctr umac-64-etm openssh com none
>> debug1: kex: curve25519-sha256 libssh org need=16 dh_need=16
>> debug1: kex: curve25519-sha256 libssh org need=16 dh_need=16
>> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
>> debug1: Server host key: ecdsa-sha2-nistp256
>> SHA256:bZ890jxWtxfs31anyYZyo5ZO8uCqJ0RIm8ErlRIp0i0
>> Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
>> debug1: SSH2_MSG_NEWKEYS sent
>> debug1: expecting SSH2_MSG_NEWKEYS
>> debug1: SSH2_MSG_NEWKEYS received
>> debug1: Roaming not allowed by server
>> debug1: SSH2_MSG_SERVICE_REQUEST sent
>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>> debug1: Authentications that can continue:
>> publickey,gssapi-keyex,gssapi-with-mic,password
>> debug1: Next authentication method: publickey
>> debug1: Trying private key: insecure_private_key
>> debug1: Authentications that can continue:
>> publickey,gssapi-keyex,gssapi-with-mic,password
>> debug1: No more authentication methods to try.
>> Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).
>>
>>
>> $ cat insecure_private_key
>> -----BEGIN RSA PRIVATE KEY-----
>> MIIEogIBAAKCAQEA6NF8iallvQVp22WDkTkyrtvp9eWW6A8YVr+kz4TjGYe7gHzI
>> w+niNltGEFHzD8+v1I2YJ6oXevct1YeS0o9HZyN1Q9qgCgzUFtdOKLv6IedplqoP
>> kcmF0aYet2PkEDo3MlTBckFXPITAMzF8dJSIFo9D8HfdOV0IAdx4O7PtixWKn5y2
>> hMNG0zQPyUecp4pzC6kivAIhyfHilFR61RGL+GPXQ2MWZWFYbAGjyiYJnAmCP3NO
>> Td0jMZEnDkbUvxhMmBYSdETk1rRgm+R4LOzFUGaHqHDLKLX+FIPKcF96hrucXzcW
>> yLbIbEgE98OHlnVYCzRdK8jlqm8tehUc9c9WhQIBIwKCAQEA4iqWPJXtzZA68mKd
>> ELs4jJsdyky+ewdZeNds5tjcnHU5zUYE25K+ffJED9qUWICcLZDc81TGWjHyAqD1
>> Bw7XpgUwFgeUJwUlzQurAv+/ySnxiwuaGJfhFM1CaQHzfXphgVml+fZUvnJUTvzf
>> TK2Lg6EdbUE9TarUlBf/xPfuEhMSlIE5keb/Zz3/LUlRg8yDqz5w+QWVJ4utnKnK
>> iqwZN0mwpwU7YSyJhlT4YV1F3n4YjLswM5wJs2oqm0jssQu/BT0tyEXNDYBLEF4A
>> sClaWuSJ2kjq7KhrrYXzagqhnSei9ODYFShJu8UWVec3Ihb5ZXlzO6vdNQ1J9Xsf
>> 4m+2ywKBgQD6qFxx/Rv9CNN96l/4rb14HKirC2o/orApiHmHDsURs5rUKDx0f9iP
>> cXN7S1uePXuJRK/5hsubaOCx3Owd2u9gD6Oq0CsMkE4CUSiJcYrMANtx54cGH7Rk
>> EjFZxK8xAv1ldELEyxrFqkbE4BKd8QOt414qjvTGyAK+OLD3M2QdCQKBgQDtx8pN
>> CAxR7yhHbIWT1AH66+XWN8bXq7l3RO/ukeaci98JfkbkxURZhtxV/HHuvUhnPLdX
>> 3TwygPBYZFNo4pzVEhzWoTtnEtrFueKxyc3+LjZpuo+mBlQ6ORtfgkr9gBVphXZG
>> YEzkCD3lVdl8L4cw9BVpKrJCs1c5taGjDgdInQKBgHm/fVvv96bJxc9x1tffXAcj
>> 3OVdUN0UgXNCSaf/3A/phbeBQe9xS+3mpc4r6qvx+iy69mNBeNZ0xOitIjpjBo2+
>> dBEjSBwLk5q5tJqHmy/jKMJL4n9ROlx93XS+njxgibTvU6Fp9w+NOFD/HvxB3Tcz
>> 6+jJF85D5BNAG3DBMKBjAoGBAOAxZvgsKN+JuENXsST7F89Tck2iTcQIT8g5rwWC
>> P9Vt74yboe2kDT531w8+egz7nAmRBKNM751U/95P9t88EDacDI/Z2OwnuFQHCPDF
>> llYOUI+SpLJ6/vURRbHSnnn8a/XG+nzedGH5JGqEJNQsz+xT2axM0/W/CRknmGaJ
>> kda/AoGANWrLCz708y7VYgAtW2Uf1DPOIYMdvo6fxIB5i9ZfISgcJ/bbCUkFrhoH
>> +vq/5CIWxCPp0f85R4qxxQ5ihxJ0YDQT9Jpx4TMss4PSavPaBH3RXow5Ohe+bYoQ
>> NE5OgEXk2wVfZczCZpigBKbKZHNYcelXtTt/nP3rsCuGcM4h53s=
>> -----END RSA PRIVATE KEY-----
>>
>>
>> journalctl -f tells me nothing interesting.
>>
>> Cheers,
>> James
>>
>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]