This post is more than 5 years old
1 Rookie
•
106 Posts
0
2331
December 20th, 2019 18:00
Can not get pubkey ssh to work on a N1548
I have ssh enabled and can login with admin@switch using password just fine.
I created a ssh pubkey user/key (both with name "admin" and another name).
Both entries have my pubkey though.
When i try to login with "ssh -vvv admin@switch" i see this and still get prompted for the admin password though. Why? What else can i try?
The pubkey that is being sent over (RSA 10:43:c7:58:...) is the one that i have pasted in the web UI (and can see and confirm there). I have it added in the ssh-agent, thats why ssh doesnt find it on the disk.
...
debug1: Host 'mlmsw1-0' is known and matches the RSA host key.
debug1: Found key in /home/support/.ssh/known_hosts:674
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: .ssh/id_rsa (0x7ff7b8455360),
debug2: key: /home/support/.ssh/id_rsa ((nil)),
debug2: key: /home/support/.ssh/id_dsa ((nil)),
debug2: key: /home/support/.ssh/id_ecdsa ((nil)),
debug2: key: /home/support/.ssh/id_ed25519 ((nil)),
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: .ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/support/.ssh/id_rsa
debug1: key_parse_private2: missing begin marker
debug1: key_parse_private_pem: PEM_read_PrivateKey failed
debug1: read PEM private key done: type
Enter passphrase for key '/home/support/.ssh/id_rsa':
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug3: sign_and_send_pubkey: RSA 10:43:c7:58:dd:f2:2e:42:95:e7:8f:1d:3a:54:dc:59
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/support/.ssh/id_dsa
debug3: no such identity: /home/support/.ssh/id_dsa: No such file or directory
debug1: Trying private key: /home/support/.ssh/id_ecdsa
debug3: no such identity: /home/support/.ssh/id_ecdsa: No such file or directory
debug1: Trying private key: /home/support/.ssh/id_ed25519
debug3: no such identity: /home/support/.ssh/id_ed25519: No such file or directory
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
admin@mlmsw1-0's password:
0 events found
Alexander-36725
1 Rookie
•
106 Posts
0
December 26th, 2019 15:00
Looks like i had simply not done this
# ip ssh pubkey-auth
But another question.
I can only have one single key for one (e.g. admin) account?
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.1K Points
0
December 23rd, 2019 07:00
Hi,
Try using crypto key zeroize pubkey-chain user and then creating the pubkey again. Page 1151 https://downloads.dell.com/manuals/common/n-series_cli_660_en-us.pdf
Alexander-36725
1 Rookie
•
106 Posts
0
December 26th, 2019 15:00
Hello!
I did
mlmsw1-0(config)#crypto key zeroize pubkey-chain ssh
Then i created a pubkey-user again and tried logging in.
It didnt help.
In the RAM Log i see this
DELL-Josh Cr
Moderator
•
9.6K Posts
•
42.1K Points
0
December 27th, 2019 09:00
Yes only one key per account.