quite OT

Jan Stary hans at stare.cz
Thu Sep 6 06:47:39 UTC 2018


On Sep 06 11:40:41, jam at tigger.ws wrote:
> > What is the difference between what this server says in the logs,
> > and what the previous server says in the logs?
> 
> I was able to do password-less login to another High Sierra machine
> exactly as you would expect !!!

Yes, we already know that.

What we don't know is why it doesn't work on this one machine.

> My only hint on my desktop machine is this

"Desktop machine"? This is a log from "haycorn",
which previously was the sshd _server_, right?

> system.log:Sep  6 10:09:27 haycorn com.apple.xpc.launchd[1] (com.openssh.sshd.D2A41AA4-87E8-4832-8745-93B2D3AD3796[580]): Service exited with abnormal code: 255

This is system.log, saying that the sshd launched by launchd exoted with 255.
Show us the sshd log itself, as verbose as possible, which says what failed.

> As promised I’ll stop abusing the list,
> port openssh behaves exactly as the built in server.

No. The oepnssh port is linked (by default) with OpenSSL.
The built in OpenSSH suite uses the system LibreSSL.

> ….from my desktop to a mac that does accept passwd-less

[A successful login to yet another machine not mentioned before.]

> from that machine back to me

Aaaargh. Another login of a different user,
with a different key, from a different machine.

Can you stick to the one failing case?
You are making it quite hard to help you.

> debug2: key: /Users/mary/.ssh/id_rsa (0x7f9cffd16f40)
> debug2: key: /Users/mary/.ssh/id_dsa (0x0)
> debug2: key: /Users/mary/.ssh/id_ecdsa (0x0)
> debug2: key: /Users/mary/.ssh/id_ed25519 (0x0)
> debug3: send packet: type 5
> debug3: receive packet: type 7
> debug1: SSH2_MSG_EXT_INFO received
> debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
> debug3: receive packet: type 6
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug3: send packet: type 50
> debug3: receive packet: type 51

Is this the "error 51" you mentioned before?

What exactly is the chmod of the $HOME, $HOME/.ssh/ and
$HOME/.ssh/authorized_keys of the target user on the remote side?

	Jan

> debug1: Authentications that can continue: publickey,password,keyboard-interactive
> debug3: start over, passed a different list publickey,password,keyboard-interactive
> debug3: preferred publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: Next authentication method: publickey
> debug1: Offering RSA public key: /Users/mary/.ssh/id_rsa
> debug3: send_pubkey_test
> debug3: send packet: type 50
> debug2: we sent a publickey packet, wait for reply
> debug3: receive packet: type 51
> debug1: Authentications that can continue: publickey,password,keyboard-interactive
> debug1: Trying private key: /Users/mary/.ssh/id_dsa
> debug3: no such identity: /Users/mary/.ssh/id_dsa: No such file or directory
> debug1: Trying private key: /Users/mary/.ssh/id_ecdsa
> debug3: no such identity: /Users/mary/.ssh/id_ecdsa: No such file or directory
> debug1: Trying private key: /Users/mary/.ssh/id_ed25519
> debug3: no such identity: /Users/mary/.ssh/id_ed25519: No such file or directory
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup keyboard-interactive
> debug3: remaining preferred: password
> debug3: authmethod_is_enabled keyboard-interactive
> debug1: Next authentication method: keyboard-interactive
> debug2: userauth_kbdint
> debug3: send packet: type 50
> debug2: we sent a keyboard-interactive packet, wait for reply
> debug3: receive packet: type 60
> debug2: input_userauth_info_req
> debug2: input_userauth_info_req: num_prompts 1
> Password:
> 
> 


More information about the macports-users mailing list