[CentOS] can't ssh into C7 host

Sun Jul 19 01:56:53 UTC 2015
Alexander Dalloz <ad+lists at uni-x.org>

Am 19.07.2015 um 01:58 schrieb Tim Dunphy:
> hey guys,
>
> Yesterday I had no trouble loggging into this database host. But today for
> some reason I can't log in using my RSA key and password authentication
> doesn't work either.
>
> I am able to log onto the host via console. And I was able to grab the ssh
> config file. Here it is:
>
> [root at db1 ~]# grep -v '#' /etc/ssh/sshd_config  |sed '/^\s*$/d'

egrep -v '^#|^$' /etc/ssh/sshd_config

would be straighter.

> HostKey /etc/ssh/ssh_host_rsa_key
> HostKey /etc/ssh/ssh_host_ecdsa_key
> SyslogFacility AUTHPRIV
> AuthorizedKeysFile .ssh/authorized_keys
> PasswordAuthentication yes
> ChallengeResponseAuthentication no
> GSSAPIAuthentication yes
> GSSAPICleanupCredentials yes
>
> So I performed a verbose ssh login, and this is what I saw:
>
>
> #ssh -vvv bluethundr at db1.example.com
>
> OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
>
> debug1: Reading configuration data /Users/MyUser/.ssh/config

Odd path.

> debug1: /Users/MyUser/.ssh/config line 4: Skipping Host block because of
> negated match for *.example.com
>
> debug1: Reading configuration data /etc/ssh_config
>
> debug1: /etc/ssh_config line 20: Applying options for *
>
> debug2: ssh_connect: needpriv 0
>
> debug1: Connecting to db1.example.com [104.131.222.29] port 22.
>
> debug1: Connection established.
>
> debug3: Incorrect RSA1 identifier
>
> debug3: Could not load "/Users/MyUser/.ssh/id_rsa" as a RSA1 public key

What's wrong there?

[ ... ]

> debug1: Local version string SSH-2.0-OpenSSH_6.2
>
> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1
> Debian-5
>
> debug1: match: OpenSSH_6.7p1 Debian-5 pat OpenSSH*

I don't see CentOS 7 involved here, neither local nor remote.

[ ... ]

> debug1: Offering RSA public key: /Users/MyUser/.ssh/id_rsa
>
> debug3: send_pubkey_test
>
> debug2: we sent a publickey packet, wait for reply
>
> debug1: Authentications that can continue: publickey,password
>
> debug1: Trying private key: /Users/MyUser/.ssh/id_dsa
>
> debug3: no such identity: /Users/MyUser/.ssh/id_dsa: No such file or
> directory
>
> debug2: we did not send a packet, disable method
>
> debug3: authmethod_lookup password
>
> debug3: remaining preferred: ,password
>
> debug3: authmethod_is_enabled password
>
> debug1: Next authentication method: password
>
> bluethundr at db1.example.com's password:
>
>
> Can anyone give me a heads up as to why this is failing?

Read the syslog() logfile of the SSH daemon logging. That should give 
you a hint.

> Thanks,
>
> Tim

Alexander