[OPEN] SSH public key auth fails from my Arco Linux SSH client

Post Reply
arcra
recruit crewman
Posts: 1
Joined: Mon Jan 11, 2021 1:14 pm

[OPEN] SSH public key auth fails from my Arco Linux SSH client

Post by arcra »

there are 2 local SSH clients (LinuxPC and MAC), a local Server "Banana"(bananapi@192.168.1.57) and a remote Server Uberspace(xxx@elst.uberspace.de)

I passed the public keys from the LinuxPC and the MAC to Banana via ssh-copy-id and to Uberspace using a web interface. ssh-copy-id from LinuxPC to Uberspace throws a "Network is unreachable".

Then I tried to connect to Banana and Uberspace via SSH key authentication with the following results:

LinuxPC -> Banana: not too bad falled back to Passwort auth, but anyway I could login with the password
LinuxPC -> Uberspace: nok connection refused/Network is unreachable

MAC -> Banana: ok with key auth
MAC -> Uberspace: ok with key auth

Also I could not connect to my GIT repo from LinuxPC

My Firewall ist off and LinuxPC and MAC are connected with the same Router (FritzBox). There are no specific settings in the Router so it should behave the same for LinuxPC and MAC.

Finally it seems that LinuxPC is not able to connect to SSH Servers via SSH public key authentication. And I have no idea, why. The ssh_config from LinuxPC is at the end of this text. Is there something missing or wrong. I have not changed the content.

Any hint or guidance would be great
thanks!

---
Details:

---------------------
LinuxPC -> Banana

[xxx@Linux-PC ~]$ ssh bananapi@192.168.1.57
Enter passphrase for key '/home/xxx/.ssh/id_rsa':
bananapi@192.168.1.57's password:
Linux BANANA 3.4.103 #1 SMP PREEMPT Thu Dec 18 13:07:12 CST 2014 armv7l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.

---
[xxx@Linux-PC pw]$ nc -vz 192.168.1.57 22
BANANA.fritz.box [192.168.1.57] 22 (ssh) open


---------------------
LinuxPC -> Uberspace

[xxx@Linux-PC ~]$ ssh -v xxx@ elst.uberspace.de
OpenSSH_8.4p1, OpenSSL 1.1.1i 8 Dec 2020
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to elst.uberspace.de [185.26.156.188] port 22.
debug1: connect to address 185.26.156.188 port 22: Connection refused
debug1: Connecting to elst.uberspace.de [2a00:d0c0:200:0:b9:1a:9c:8e] port 22.
debug1: connect to address 2a00:d0c0:200:0:b9:1a:9c:8e port 22: Network is unreachable
ssh: connect to host elst.uberspace.de port 22: Network is unreachable

---
[xxx@Linux-PC pw]$ nc -vz 95.143.172.245 22
vega.uberspace.de [95.143.172.245] 22 (ssh): Verbindungsaufbau abgelehnt
(means connection rejected)
---
[xxx@Linux-PC pw]$ nc -vz 185.26.156.188 22
elst.uberspace.de [185.26.156.188] 22 (ssh): Verbindungsaufbau abgelehnt
(means connection rejected)

---------------------
MAC -> BananaPi
MAC -> Uberspace

works fine with public key auth
I used the same commands I used on LinuxPC

---------------------
/etc/ssh/ssh_config
---------------------

# $OpenBSD: ssh_config,v 1.35 2020/07/17 03:43:42 dtucker Exp $

# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

# Host *
# ForwardAgent no
# ForwardX11 no
# PasswordAuthentication yes
# HostbasedAuthentication no
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# IdentityFile ~/.ssh/id_ecdsa
# IdentityFile ~/.ssh/id_ed25519
# Port 22
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com
# EscapeChar ~
# Tunnel no
# TunnelDevice any:any
# PermitLocalCommand no
# VisualHostKey no
# ProxyCommand ssh -q -W %h:%p gateway.example.com
# RekeyLimit 1G 1h
# UserKnownHostsFile ~/.ssh/known_hosts.d/%k

User avatar
erikdubois
Captain
Posts: 3870
Joined: Tue Nov 07, 2017 3:45 pm
Location: Belgium
Contact:

Re: [OPEN] SSH public key auth fails from my Arco Linux SSH client

Post by erikdubois »

Do others have the knowledge of SSH?
Learn, have fun and enjoy.
But first use the power of the Arch Wiki
use the tutorials on https://www.youtube.com/erikdubois
then use the power of google
then use the power of our moderators.

Post Reply

Return to “Network”