tkota

Reputation: 71

Passwordless ssh authentication fails because of 'Unable to load host key'

Unable to set ssh passwordless authentication


I am unable to ssh with passwordless authentication from a Windows client onto an Ubuntu server. The ssh version on Ubuntu is OpenSSH_5.8p1 Debian-7ubuntu1, OpenSSL 1.0.0e, while SSH on the Windows client is OpenSSH_5.1p1, OpenSSL 0.9.8k. I turned on ssh debugging and noticed these messages on server and client:

/usr/bin/sshd -d -p 2222 on server

```
adminuser@server:~/.ssh$ /usr/sbin/sshd -d -p 2222
debug1: sshd version OpenSSH_5.8p1 Debian-7ubuntu1
debug1: could not open key file '/etc/ssh/ssh_host_rsa_key': Permission denied
Could not load host key: /etc/ssh/ssh_host_rsa_key
debug1: could not open key file '/etc/ssh/ssh_host_dsa_key': Permission denied
Could not load host key: /etc/ssh/ssh_host_dsa_key
debug1: could not open key file '/etc/ssh/ssh_host_ecdsa_key': Permission denied
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
debug1: setgroups() failed: Operation not permitted
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: rexec_argv[2]='-p'
debug1: rexec_argv[3]='2222'
Set /proc/self/oom_score_adj from 0 to -1000
debug1: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
debug1: Bind to port 2222 on ::.
Server listening on :: port 2222.
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from 10.221.84.65 port 2414
debug1: Client protocol version 2.0; client software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-7ubuntu1
debug1: list_hostkey_types: 
No supported key exchange algorithms
debug1: do_cleanup
debug1: do_cleanup
```


ssh -vvv on client

```
C:\Documents and Settings\clientuser>ssh -vvv -p 2222 [email protected]
OpenSSH_5.1p1, OpenSSL 0.9.8k 25 Mar 2009
debug2: ssh_connect: needpriv 0
debug1: Connecting to server.com port 2222.
debug1: Connection established.
debug1: identity file /cygdrive/c/Documents and Settings/clientuser/.ssh/identity type -1
debug3: Not a RSA1 key file /cygdrive/c/Documents and Settings/clientuser/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /cygdrive/c/Documents and Settings/clientuser/.ssh/id_rsa type 1
debug1: identity file /cygdrive/c/Documents and Settings/clientuser/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-7ubuntu1
debug1: match: OpenSSH_5.8p1 Debian-7ubuntu1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
Read from socket failed: Connection reset by peer
```

I verified that the permissions on authorized_keys, .ssh, etc. on the host are correct. I regenerated the host keys to get around the 'Could not load host keys' and restarted the ssh services, but the problem persists. Any suggestions on what could be wrong? The host private keys are unable to load because they are owned by the 'root' user. Changing their permissions to anything other than mode 600 is not allowed. I am stuck at this point. Please help! Appreciate it!

Upvotes: 5

Views: 4028

Answers (1)

Kimvais

Reputation: 39608

You need to run the SSH server as root (`sudo /usr/sbin/sshd`) in order to read the server's private key.

Upvotes: 1
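The server output in the question shows a chain: every host key fails to open, `list_hostkey_types` comes back empty, and sshd then drops the connection with "No supported key exchange algorithms", which the client only sees as a reset. The following added example (not code from the question or the answer) traces that chain in `sshd -d` output; `diagnose` is a hypothetical helper and the sample lines are copied from the server log above.

```python
import re

# Lines copied from the sshd -d output in the question above.
SAMPLE_LOG = """\
debug1: could not open key file '/etc/ssh/ssh_host_rsa_key': Permission denied
Could not load host key: /etc/ssh/ssh_host_rsa_key
debug1: could not open key file '/etc/ssh/ssh_host_dsa_key': Permission denied
Could not load host key: /etc/ssh/ssh_host_dsa_key
debug1: could not open key file '/etc/ssh/ssh_host_ecdsa_key': Permission denied
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
debug1: setgroups() failed: Operation not permitted
debug1: list_hostkey_types: 
No supported key exchange algorithms
"""

KEY_OPEN_FAIL = re.compile(r"could not open key file '([^']+)': (.+)$")
HOSTKEY_TYPES = re.compile(r"list_hostkey_types:\s*(.*)$")


def diagnose(log_text):
    """Summarise why sshd could not complete key exchange (hypothetical helper)."""
    failed = {}      # host key path -> reason reported by sshd
    offered = None   # host key types sshd advertised; None if never logged
    unprivileged = kex_failed = False
    for line in log_text.splitlines():
        if m := KEY_OPEN_FAIL.search(line):
            failed[m.group(1)] = m.group(2).strip()
        elif m := HOSTKEY_TYPES.search(line):
            offered = [t for t in m.group(1).split(",") if t.strip()]
        elif "setgroups() failed: Operation not permitted" in line:
            unprivileged = True   # sshd could not set its groups: not running as root
        elif "No supported key exchange algorithms" in line:
            kex_failed = True
    if kex_failed and offered == [] and failed:
        denied = all(r == "Permission denied" for r in failed.values())
        if denied and unprivileged:
            cause = "sshd started without root: host keys unreadable, nothing to offer in KEX"
        else:
            cause = "no host key loaded: check that the key files exist and are valid"
    elif kex_failed:
        cause = "key exchange failed with host keys loaded: compare client/server algorithms"
    else:
        cause = "no key-exchange failure in this log"
    return {"failed_keys": failed, "offered": offered, "cause": cause}


if __name__ == "__main__":
    print(diagnose(SAMPLE_LOG))
```

The host keys themselves are set up correctly when they are owned by root with mode 600; the log points at the privileges of the sshd process, not at the key files.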
