[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: [atomic-devel] Can't ssh to root

From: Giuseppe Scrivano <gscrivan redhat com>
To: James <purpleidea gmail com>
Cc: atomic-devel <atomic-devel projectatomic io>
Subject: Re: [atomic-devel] Can't ssh to root
Date: Thu, 21 May 2015 23:56:37 +0200

James <purpleidea gmail com> writes:

> I'm having trouble SSH-ing to root on an atomic host. To make it easy
> to debug, I can replicate the issue *from* the host.
>
> boot up atomic host. I'm using Fedora 21
>
> $ cat foo
> Host localhost
>   HostName localhost
>   User vagrant
>   Port 22
>   UserKnownHostsFile /dev/null
>   StrictHostKeyChecking no
>   PasswordAuthentication no
>   IdentityFile insecure_private_key
>   IdentitiesOnly yes
>   LogLevel FATAL
>
> $ ssh -v -t -F foo root localhost
> OpenSSH_6.8p1, OpenSSL 1.0.1k-fips 8 Jan 2015
> debug1: Reading configuration data foo
> debug1: foo line 1: Applying options for localhost
> debug1: Connecting to localhost [::1] port 22.
> debug1: Connection established.
> debug1: key_load_public: No such file or directory
> debug1: identity file insecure_private_key type -1
> debug1: key_load_public: No such file or directory
> debug1: identity file insecure_private_key-cert type -1
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_6.8
> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.8
> debug1: match: OpenSSH_6.8 pat OpenSSH* compat 0x04000000
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-ctr umac-64-etm openssh com none
> debug1: kex: client->server aes128-ctr umac-64-etm openssh com none
> debug1: kex: curve25519-sha256 libssh org need=16 dh_need=16
> debug1: kex: curve25519-sha256 libssh org need=16 dh_need=16
> debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
> debug1: Server host key: ecdsa-sha2-nistp256
> SHA256:bZ890jxWtxfs31anyYZyo5ZO8uCqJ0RIm8ErlRIp0i0
> Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug1: Authentications that can continue:
> publickey,gssapi-keyex,gssapi-with-mic,password
> debug1: Next authentication method: publickey
> debug1: Trying private key: insecure_private_key
> debug1: Authentications that can continue:
> publickey,gssapi-keyex,gssapi-with-mic,password
> debug1: No more authentication methods to try.
> Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

is PermitRootLogin set in /etc/ssh/sshd_config ?

Giuseppe

References:
- [atomic-devel] Can't ssh to root
  - From: James

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]