Please see below :). Just a note---this is the EXACT command
that I use to log into the server BEFORE i try to update SSH. I
continue to use this same command for other servers.
Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem
ubuntu@54.200.249.185 <mailto:ubuntu@54.200.249.185> -v -v -v -v
OpenSSH_6.2p2, OSSLShim 0.9.8r 8 Dec 2011
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 54.200.249.185 [54.200.249.185] port 22.
debug1: Connection established.
debug3: Incorrect RSA1 identifier
debug3: Could not load "Payr-SimplicityPOSKey.pem" as a RSA1
public key
debug1: identity file Payr-SimplicityPOSKey.pem type -1
debug1: identity file Payr-SimplicityPOSKey.pem-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: Remote protocol version 2.0, remote software version
OpenSSH_6.9
debug1: match: OpenSSH_6.9 pat OpenSSH*
debug2: fd 3 setting O_NONBLOCK
debug3: load_hostkeys: loading entries for host "54.200.249.185"
from file "/Users/nickstanoszek/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file
/Users/nickstanoszek/.ssh/known_hosts:55
debug3: load_hostkeys: loaded 1 keys
debug3: order_hostkeyalgs: prefer hostkeyalgs:
ssh-rsa-cert-v01@xxxxxxxxxxx
<mailto:ssh-rsa-cert-v01@xxxxxxxxxxx>,ssh-rsa-cert-v00@xxxxxxxxxxx <mailto:ssh-rsa-cert-v00@xxxxxxxxxxx>,ssh-rsa
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@xxxxxxxxxxx
<mailto:ssh-rsa-cert-v01@xxxxxxxxxxx>,ssh-rsa-cert-v00@xxxxxxxxxxx <mailto:ssh-rsa-cert-v00@xxxxxxxxxxx>,ssh-rsa,ssh-dss-cert-v01@xxxxxxxxxxx
<mailto:ssh-dss-cert-v01@xxxxxxxxxxx>,ssh-dss-cert-v00@xxxxxxxxxxx <mailto:ssh-dss-cert-v00@xxxxxxxxxxx>,ssh-dss
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@xxxxxxxxxxx
<mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx
<mailto:aes256-gcm@xxxxxxxxxxx>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx
<mailto:rijndael-cbc@xxxxxxxxxxxxxx>
debug2: kex_parse_kexinit:
aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@xxxxxxxxxxx
<mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx
<mailto:aes256-gcm@xxxxxxxxxxx>,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@xxxxxxxxxxxxxx
<mailto:rijndael-cbc@xxxxxxxxxxxxxx>
debug2: kex_parse_kexinit: hmac-md5-etm@xxxxxxxxxxx
<mailto:hmac-md5-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64-etm@xxxxxxxxxxx
<mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx
<mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx
<mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx
<mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-ripemd160-etm@xxxxxxxxxxx
<mailto:hmac-ripemd160-etm@xxxxxxxxxxx>,hmac-sha1-96-etm@xxxxxxxxxxx
<mailto:hmac-sha1-96-etm@xxxxxxxxxxx>,hmac-md5-96-etm@xxxxxxxxxxx
<mailto:hmac-md5-96-etm@xxxxxxxxxxx>,hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx
<mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx
<mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx
<mailto:hmac-ripemd160@xxxxxxxxxxx>,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5-etm@xxxxxxxxxxx
<mailto:hmac-md5-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64-etm@xxxxxxxxxxx
<mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx
<mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx
<mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx
<mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-ripemd160-etm@xxxxxxxxxxx
<mailto:hmac-ripemd160-etm@xxxxxxxxxxx>,hmac-sha1-96-etm@xxxxxxxxxxx
<mailto:hmac-sha1-96-etm@xxxxxxxxxxx>,hmac-md5-96-etm@xxxxxxxxxxx
<mailto:hmac-md5-96-etm@xxxxxxxxxxx>,hmac-md5,hmac-sha1,umac-64@xxxxxxxxxxx
<mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx
<mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx
<mailto:hmac-ripemd160@xxxxxxxxxxx>,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx
<mailto:zlib@xxxxxxxxxxx>,zlib
debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx
<mailto:zlib@xxxxxxxxxxx>,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256@xxxxxxxxxx
<mailto:curve25519-sha256@xxxxxxxxxx>,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit:
ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: chacha20-poly1305@xxxxxxxxxxx
<mailto:chacha20-poly1305@xxxxxxxxxxx>,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx
<mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx
<mailto:aes256-gcm@xxxxxxxxxxx>
debug2: kex_parse_kexinit: chacha20-poly1305@xxxxxxxxxxx
<mailto:chacha20-poly1305@xxxxxxxxxxx>,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@xxxxxxxxxxx
<mailto:aes128-gcm@xxxxxxxxxxx>,aes256-gcm@xxxxxxxxxxx
<mailto:aes256-gcm@xxxxxxxxxxx>
debug2: kex_parse_kexinit: umac-64-etm@xxxxxxxxxxx
<mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx
<mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx
<mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx
<mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64@xxxxxxxxxxx
<mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx
<mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@xxxxxxxxxxx
<mailto:umac-64-etm@xxxxxxxxxxx>,umac-128-etm@xxxxxxxxxxx
<mailto:umac-128-etm@xxxxxxxxxxx>,hmac-sha2-256-etm@xxxxxxxxxxx
<mailto:hmac-sha2-256-etm@xxxxxxxxxxx>,hmac-sha2-512-etm@xxxxxxxxxxx
<mailto:hmac-sha2-512-etm@xxxxxxxxxxx>,hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx>,umac-64@xxxxxxxxxxx
<mailto:umac-64@xxxxxxxxxxx>,umac-128@xxxxxxxxxxx
<mailto:umac-128@xxxxxxxxxxx>,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx
<mailto:zlib@xxxxxxxxxxx>
debug2: kex_parse_kexinit: none,zlib@xxxxxxxxxxx
<mailto:zlib@xxxxxxxxxxx>
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx>
debug1: kex: server->client aes128-ctr hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx> none
debug2: mac_setup: found hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx>
debug1: kex: client->server aes128-ctr hmac-sha1-etm@xxxxxxxxxxx
<mailto:hmac-sha1-etm@xxxxxxxxxxx> none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 163/320
debug2: bits set: 1029/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA
e1:c5:21:7f:b0:88:7d:9f:b6:e1:de:a4:bc:b5:7a:c0
debug3: load_hostkeys: loading entries for host "54.200.249.185"
from file "/Users/nickstanoszek/.ssh/known_hosts"
debug3: load_hostkeys: found key type RSA in file
/Users/nickstanoszek/.ssh/known_hosts:55
debug3: load_hostkeys: loaded 1 keys
debug1: Host '54.200.249.185' is known and matches the RSA host key.
debug1: Found key in /Users/nickstanoszek/.ssh/known_hosts:55
debug2: bits set: 1020/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: Payr-SimplicityPOSKey.pem (0x0), explicit
debug1: Authentications that can continue: publickey
debug3: start over, passed a different list publickey
debug3: preferred
gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: Payr-SimplicityPOSKey.pem
debug1: read PEM private key done: type RSA
debug3: sign_and_send_pubkey: RSA
c6:7b:f7:0f:0e:78:23:83:5a:c8:10:6e:b4:19:f5:97
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey).
On Tue, Jul 28, 2015 at 9:55 PM, Ben Lindstrom
<mouring@xxxxxxxxxxxxx <mailto:mouring@xxxxxxxxxxxxx>> wrote:
Sorry that isn't really useful. You may need to provide the
ssh -vvv and sshd -ddd outputs on the client and server
respectively to determine what is going on.
Normally public key errors means that permissions are wrong
on the key material or the directory leading to the key
material in the user's home directory.
- Ben
Nick Stanoszek wrote:
My apologies Darren,
The error i get is a "PUBLICKEY" error as noted previously.
Nicks-MacBook-Pro:Downloads$ ssh -i WHATEVERKEY.pem ubuntu@IPADDRESS
Permission denied (publickey).
Nicks-MacBook-Pro:Downloads$
I followed the directions as noted in the previous email to a T. Just
copied and pasted---and used v6.9 ssh (which is the latest). What other
info do you need?
Thanks
Nick
On Tue, Jul 28, 2015 at 7:19 PM, Darren Tucker<dtucker@xxxxxxxxxx> <mailto:dtucker@xxxxxxxxxx> wrote:
On Wed, Jul 29, 2015 at 12:06 AM, Nick Stanoszek<nstanoszek@xxxxxxxxx> <mailto:nstanoszek@xxxxxxxxx>
wrote:
Hi again,
I ran the commands exactly. I see that some keys are not overwritten and
skipped---but some are still created.
You may be able to see that, but we can't unless you show us what it said,
and you didn't.
I just tried again...and still get an error.
quoting from my previous response: "Exactly what error?"
Thoughts to prevent it from overwriting my keys?
You have not provided sufficient information to do anything more that
guess, and I've already done that.
--
Darren Tucker (dtucker atzip.com.au <http://zip.com.au>)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx <mailto:openssh-unix-dev@xxxxxxxxxxx>
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
