Re: Updating from 6.6 - 6.9 SSH

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



And Server?

- Ben

Nick Stanoszek wrote:
Please see below :). Just a note---this is the EXACT command that I use to log into the server BEFORE i try to update SSH. I continue to use this same command for other servers.

Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu@54.200.249.185 <mailto:ubuntu@54.200.249.185> -v -v -v -v

OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011

debug1: Reading configuration data /etc/ssh_config

debug1: /etc/ssh_config line 20: Applying options for *

debug2: ssh_connect: needpriv 0

debug1: Connecting to 54.200.249.185 [54.200.249.185] port 22.

debug1: Connection established.

debug3: Incorrect RSA1 identifier

debug3: Could not load "Payr-SimplicityPOSKey.pem" as a RSA1 public key

debug1: identity file Payr-SimplicityPOSKey.pem type -1

debug1: identity file Payr-SimplicityPOSKey.pem-cert type -1

debug1: Enabling compatibility mode for protocol 2.0

debug1: Local version string SSH-2.0-OpenSSH_6.2

debug1: Remote protocol version 2.0, remote software version OpenSSH_6.9

debug1: match: OpenSSH_6.9 pat OpenSSH*

debug2: fd 3 setting O_NONBLOCK

debug3: load_hostkeys: loading entries for host "54.200.249.185" from file "/Users/nickstanoszek/.ssh/known_hosts"

debug3: load_hostkeys: found key type RSA in file /Users/nickstanoszek/.ssh/known_hosts:55

debug3: load_hostkeys: loaded 1 keys

debug3: order_hostkeyalgs: prefer hostkeyalgs: ssh-rsa-cert-v01@xxxxxxxxxxx <mailto:ssh-rsa-cert-v01@xxxxxxxxxxx>,ssh-rsa-cert-v00@xxxxxxxxxxx <mailto:ssh-rsa-cert-v00@xxxxxxxxxxx>,ssh-rsa

debug1: SSH2_MSG_KEXINIT sent

debug1: SSH2_MSG_KEXINIT received

debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1

debug2: kex_parse_kexinit: ssh-rsa-cert-v01@xxxxxxxxxxx <mailto:ssh-rsa-cert-v01@xxxxxxxxxxx>,ssh-rsa-cert-v00@xxxxxxxxxxx <mailto:ssh-rsa-cert-v00@xxxxxxxxxxx>,ssh-rsa,ssh-dss-cert-v01@xxxxxxxxxxx <mailto:ssh-dss-cert-v01@xxxxxxxxxxx>,ssh-dss-cert-v00@xxxxxxxxxxx <mailto:ssh-dss-cert-v00@xxxxxxxxxxx>,ssh-dss

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@xxxxxxxxxxx <mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx <mailto:aes256-gcm@xxxxxxxxxxx>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx <mailto:rijndael-cbc@xxxxxxxxxxxxxx>

debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@xxxxxxxxxxx <mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx <mailto:aes256-gcm@xxxxxxxxxxx>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx <mailto:rijndael-cbc@xxxxxxxxxxxxxx>

debug2: kex_parse_kexinit: hmac-md5-etm@xxxxxxxxxxx <mailto:hmac-md5-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64-etm@xxxxxxxxxxx <mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx <mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx <mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx <mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-ripemd160-etm@xxxxxxxxxxx <mailto:hmac-ripemd160-etm@xxxxxxxxxxx>,hmac-sha1-96-etm@xxxxxxxxxxx <mailto:hmac-sha1-96-etm@xxxxxxxxxxx>,hmac-md5-96-etm@xxxxxxxxxxx <mailto:hmac-md5-96-etm@xxxxxxxxxxx>,hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx <mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx <mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx <mailto:hmac-ripemd160@xxxxxxxxxxx>,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: hmac-md5-etm@xxxxxxxxxxx <mailto:hmac-md5-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64-etm@xxxxxxxxxxx <mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx <mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx <mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx <mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-ripemd160-etm@xxxxxxxxxxx <mailto:hmac-ripemd160-etm@xxxxxxxxxxx>,hmac-sha1-96-etm@xxxxxxxxxxx <mailto:hmac-sha1-96-etm@xxxxxxxxxxx>,hmac-md5-96-etm@xxxxxxxxxxx <mailto:hmac-md5-96-etm@xxxxxxxxxxx>,hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx <mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx <mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx <mailto:hmac-ripemd160@xxxxxxxxxxx>,hmac-sha1-96,hmac-md5-96

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx <mailto:zlib@xxxxxxxxxxx>,zlib

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx <mailto:zlib@xxxxxxxxxxx>,zlib

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit: first_kex_follows 0

debug2: kex_parse_kexinit: reserved 0

debug2: kex_parse_kexinit: curve25519-sha256@xxxxxxxxxx <mailto:curve25519-sha256@xxxxxxxxxx>,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1

debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519

debug2: kex_parse_kexinit: chacha20-poly1305@xxxxxxxxxxx <mailto:chacha20-poly1305@xxxxxxxxxxx>,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx <mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx <mailto:aes256-gcm@xxxxxxxxxxx>

debug2: kex_parse_kexinit: chacha20-poly1305@xxxxxxxxxxx <mailto:chacha20-poly1305@xxxxxxxxxxx>,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx <mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx <mailto:aes256-gcm@xxxxxxxxxxx>

debug2: kex_parse_kexinit: umac-64-etm@xxxxxxxxxxx <mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx <mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx <mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx <mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64@xxxxxxxxxxx <mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx <mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2: kex_parse_kexinit: umac-64-etm@xxxxxxxxxxx <mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx <mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx <mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx <mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64@xxxxxxxxxxx <mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx <mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-sha1

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx <mailto:zlib@xxxxxxxxxxx>

debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx <mailto:zlib@xxxxxxxxxxx>

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit:

debug2: kex_parse_kexinit: first_kex_follows 0

debug2: kex_parse_kexinit: reserved 0

debug2: mac_setup: found hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx>

debug1: kex: server->client aes128-ctr hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx> none

debug2: mac_setup: found hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx>

debug1: kex: client->server aes128-ctr hmac-sha1-etm@xxxxxxxxxxx <mailto:hmac-sha1-etm@xxxxxxxxxxx> none

debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP

debug2: dh_gen_key: priv key bits set: 163/320

debug2: bits set: 1029/2048

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent

debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY

debug1: Server host key: RSA e1:c5:21:7f:b0:88:7d:9f:b6:e1:de:a4:bc:b5:7a:c0

debug3: load_hostkeys: loading entries for host "54.200.249.185" from file "/Users/nickstanoszek/.ssh/known_hosts"

debug3: load_hostkeys: found key type RSA in file /Users/nickstanoszek/.ssh/known_hosts:55

debug3: load_hostkeys: loaded 1 keys

debug1: Host '54.200.249.185' is known and matches the RSA host key.

debug1: Found key in /Users/nickstanoszek/.ssh/known_hosts:55

debug2: bits set: 1020/2048

debug1: ssh_rsa_verify: signature correct

debug2: kex_derive_keys

debug2: set_newkeys: mode 1

debug1: SSH2_MSG_NEWKEYS sent

debug1: expecting SSH2_MSG_NEWKEYS

debug2: set_newkeys: mode 0

debug1: SSH2_MSG_NEWKEYS received

debug1: Roaming not allowed by server

debug1: SSH2_MSG_SERVICE_REQUEST sent

debug2: service_accept: ssh-userauth

debug1: SSH2_MSG_SERVICE_ACCEPT received

debug2: key: Payr-SimplicityPOSKey.pem (0x0), explicit

debug1: Authentications that can continue: publickey

debug3: start over, passed a different list publickey

debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password

debug3: authmethod_lookup publickey

debug3: remaining preferred: keyboard-interactive,password

debug3: authmethod_is_enabled publickey

debug1: Next authentication method: publickey

debug1: Trying private key: Payr-SimplicityPOSKey.pem

debug1: read PEM private key done: type RSA

debug3: sign_and_send_pubkey: RSA c6:7b:f7:0f:0e:78:23:83:5a:c8:10:6e:b4:19:f5:97

debug2: we sent a publickey packet, wait for reply

debug1: Authentications that can continue: publickey

debug2: we did not send a packet, disable method

debug1: No more authentication methods to try.

Permission denied (publickey).


On Tue, Jul 28, 2015 at 9:55 PM, Ben Lindstrom <mouring@xxxxxxxxxxxxx <mailto:mouring@xxxxxxxxxxxxx>> wrote:


    Sorry that isn't really useful.  You may need to provide the ssh
    -vvv and sshd -ddd outputs on the client and server respectively
    to determine what is going on.

    Normally public key errors means that permissions are wrong on the
    key material or the directory leading to the key material in the
    user's home directory.

    - Ben

    Nick Stanoszek wrote:
    My apologies Darren,

    The error i get is a "PUBLICKEY" error as noted previously.

    Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu@IPADDRESS

    Permission denied (publickey).

    Nicks-MacBook-Pro:Downloads$


    I followed the directions as noted in the previous email to a T.  Just
    copied and pasted---and used v6.9 ssh (which is the latest).  What other
    info do you need?


    Thanks

    Nick




    On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker<dtucker@xxxxxxxxxx>  <mailto:dtucker@xxxxxxxxxx>  wrote:

    On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek<nstanoszek@xxxxxxxxx>  <mailto:nstanoszek@xxxxxxxxx>
    wrote:

    Hi again,

    I ran the commands exactly.  I see that some keys are not overwritten and
    skipped---but some are still created.

    You may be able to see that, but we can't unless you show us what it said,
    and you didn't.

    I just tried again...and still get an error.
    quoting from my previous response: "Exactly what error?"


    Thoughts to prevent it from overwriting my keys?

    You have not provided sufficient information to do anything more that
    guess, and I've already done that.

    --
    Darren Tucker (dtucker atzip.com.au  <http://zip.com.au>)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
         Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.

    _______________________________________________
    openssh-unix-dev mailing list
    openssh-unix-dev@xxxxxxxxxxx  <mailto:openssh-unix-dev@xxxxxxxxxxx>
    https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux