David Dyer-Bennet
Patron
- Joined
- Jul 13, 2013
- Messages
- 286
I've been using public-key authentication routinely for a LONG time, from Windows and Solaris and Linux boxes to Solaris, Linux, and some FreeBSD boxes. Usually it's a snap to set up; the one difficult thing is figuring out what that particular distribution and sysadmin has required for protection on the home directory, .ssh directory, and authorized_keys file.
It looks like it should be a snap on FreeNas 9.2.1; I should be able to just paste the public key into the field in the user dialog box and save it, right? And when I do so, it appears in the .ssh/authorized_keys file where I expect. But it doesn't work. (And the .ssh directory protection looks wonky; it's group write, and while the group is the user's private group, most sshd installs refuse to tolerate that.)
SSH is on and working; I can ssh into the box as this user, by providing the password.
But when I try to SSH in using the key, it just prompts me for the password. The Putty log doesn't seem to show anything interesting, just that it didn't seem to see the key it could provide the password for. The auth.log file shows:
Apr 10 23:08:51 gw66 sshd[10893]: error: Received disconnect from 192.168.0.4: 13: Unable to authenticate [preauth]
Is there any kind of known trick to this? Maybe a FreeBSD thing, I haven't admined that before, just Linux and Solaris? Does FreeBSD need the same format for the public key that Linux does, or something different?
I've found a bunch of online stuff on this, but it's all people who eventually say that simple things I've already tried resolved their problem.
It looks like it should be a snap on FreeNas 9.2.1; I should be able to just paste the public key into the field in the user dialog box and save it, right? And when I do so, it appears in the .ssh/authorized_keys file where I expect. But it doesn't work. (And the .ssh directory protection looks wonky; it's group write, and while the group is the user's private group, most sshd installs refuse to tolerate that.)
SSH is on and working; I can ssh into the box as this user, by providing the password.
But when I try to SSH in using the key, it just prompts me for the password. The Putty log doesn't seem to show anything interesting, just that it didn't seem to see the key it could provide the password for. The auth.log file shows:
Apr 10 23:08:51 gw66 sshd[10893]: error: Received disconnect from 192.168.0.4: 13: Unable to authenticate [preauth]
Is there any kind of known trick to this? Maybe a FreeBSD thing, I haven't admined that before, just Linux and Solaris? Does FreeBSD need the same format for the public key that Linux does, or something different?
I've found a bunch of online stuff on this, but it's all people who eventually say that simple things I've already tried resolved their problem.