Skip to main content

Troubleshooting ssh connectivity issue using public/private key




We have a scenario in which our code is failing to establish ssh connection to an AIX host using public/private key. I took the following approach to perform the troubleshooting,

i. Our code uses JSCH library to establish the SSH connection. To make sure this is not an issue with jsch usage, I made sure the following
1) Public key - Made sure public key is configured in .ssh/authorized_keys file in the target host
2) Private key - Made sure we have the private key and setting it correctly in jsch library
ii. Next step is to see if we are able to connect using ssh tool from a linux machine. Following are the steps
1) Get the private key and create a file named 'privatekey'. Put the content of the private key in the file
2) Now connect to the target machine using ssh -v -i key user@hostname. If it doesn't work, then you can be sure that the problem is not with your code
iii. Next step is to run sshd in debug mode and then try to connect and analyze the debug logs to troubleshoot the issue. Follow the below steps
1) stopsrc -s sshd  -> To stop the sshd service
2) /usr/sbin/sshd -D -e -ddd > /tmp/sshd.log 2>&1  - To start the sshd in debug mode. Logs will get written to /tmp/sshd.log
3) Connect to the target host using ssh -v -i key user@hostname
4) Press CTRL + C to stop sshd in debug mode
5) startsrc -s sshd  - To start the sshd daemon
iv. Collect the logs and analyze and you should get some clue about what is going wrong

In my case, it is trying to get the public key from authorized_keys2 and as per the my google search this is deprecated log time back in early 2000. Now to figure out from where it is taking authorized_keys2
i. This information is available in the config file /etc/ssh/sshd_config and you need to look for the key "AuthorizedKeysFile". In my case this value is set to authorized_keys2 and after editing this value everything started working
Labels:

Comments

Post a Comment

Popular posts from this blog

Unicode and UTF8 Encoding

Unicode provides a unique number for every character, no matter what the platform, no matter what the program, no matter what the language. Unicode officially encodes 1,114,112 characters, from 0x000000 to 0x10FFFF. (The idea that Unicode is a 16-bit encoding is completely wrong.) For maximum compatibility, individual Unicode values are usually passed around as 32-bit integers (4 bytes per character), even though this is more than necessary. The consensus is that storing four bytes per character is wasteful, so a variety of representations have sprung up for Unicode characters. The most interesting one for C programmers is called UTF-8. UTF-8 is a "multi-byte" encoding scheme, meaning that it requires a variable number of bytes to represent a single Unicode value. Given a so-called "UTF-8 sequence", you can convert it to a Unicode value that refers to a character. http://www.cprogramming.com/tutorial/unicode.html There are 3 types of encoding in unicode, UT...
Post a Comment
Read more

Base64 Encoding

The base-64 encoding converts a series of arbitrary bytes into a longer sequence of common text characters that are all legal header field values. Base-64 encoding takes a sequence of 8-bit bytes, breaks the sequence into 6-bit pieces, and assigns each 6-bit piece to one of 64 characters comprising the base-64 alphabet. Base 64–encoded strings are about 33% larger than the original values. For example “Ow!” -> “T3ch” 1. The string “Ow!” is broken into 3 8-bit bytes (0x4F, 0x77, 0x21). 2. The 3 bytes create the 24-bit binary value 010011110111011100100001. 3. These bits are segmented into the 6-bit sequences 010011, 110111, 01110,100001.
Post a Comment
Read more

Docker in Linux

Docker Installation Need 64bit machine and follow the steps available in below link, https://docs.docker.com/installation/ubuntulinux/ What is Docker? Docker is a tool that promises to easily encapsulate the process of creating a distributable artifact for any application, deploying it at scale into any environment, and streamlining the workflow and responsiveness of agile software organizations. In a nutshell, here's what Docker can do for you: It can get more applications running on the same hardware than other technologies; it makes it easy for developers to quickly create, ready-to-run containered applications; and it makes managing and deploying applications much easier. Difference between hypervisor and containers The key difference between containers and VMs is that while the hypervisor abstracts an entire device, containers just abstract the operating system kernel. They are much more efficient than hypervisors in system resource terms. Instead of ...
Post a Comment
Read more