publickey authentication only works with existing ssh session

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by aaron on Super User See other posts from Super User or by aaron
Published on 2011-01-16T16:18:51Z Indexed on 2011/01/16 16:55 UTC
Read the original article Hit count: 308

Filed under:
|
|

publickey authentication only works for me if I've already got one ssh session open.

I am trying to log into a host running Ubuntu 10.10 desktop with publickey authentication, and it fails when I first log in:

[me@my-laptop:~]$ ssh -vv host
...
debug1: Next authentication method: publickey
debug1: Offering public key: /Users/me/.ssh/id_rsa
...
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
me@hosts's password:

And the /var/log/auth.log output:

Jan 16 09:57:11 host sshd[1957]: reverse mapping checking getaddrinfo for cpe-70-114-155-20.austin.res.rr.com [70.114.155.20] failed - POSSIBLE BREAK-IN ATTEMPT!
Jan 16 09:57:13 host sshd[1957]: pam_sm_authenticate: Called
Jan 16 09:57:13 host sshd[1957]: pam_sm_authenticate: username = [astacy]
Jan 16 09:57:13 host sshd[1959]: Passphrase file wrapped
Jan 16 09:57:15 host sshd[1959]: Error attempting to add filename encryption key to user session keyring; rc = [1]
Jan 16 09:57:15 host sshd[1957]: Accepted password for astacy from 70.114.155.20 port 42481 ssh2
Jan 16 09:57:15 host sshd[1957]: pam_unix(sshd:session): session opened for user astacy by (uid=0)
Jan 16 09:57:20 host sudo:   astacy : TTY=pts/0 ; PWD=/home/astacy ; USER=root ; COMMAND=/usr/bin/tail -f /var/log/auth.log

The strange thing is that once I've got this first login session, I run the exact same ssh command, and publickey authentication works:

[me@my-laptop:~]$ ssh -vv host
...
debug1: Server accepts key: pkalg ssh-rsa blen 277
...
[me@host:~]$

And the /var/log/auth.log output is:

Jan 16 09:59:11 host sshd[2061]: reverse mapping checking getaddrinfo for cpe-70-114-155-20.austin.res.rr.com [70.114.155.20] failed - POSSIBLE BREAK-IN ATTEMPT!
Jan 16 09:59:11 host sshd[2061]: Accepted publickey for astacy from 70.114.155.20 port 39982 ssh2
Jan 16 09:59:11 host sshd[2061]: pam_unix(sshd:session): session opened for user astacy by (uid=0)

What do I need to do to make publickey authentication work on the first login?

NOTE: When I installed Ubuntu 10.10, I checked the 'encrypt home folder' option. I'm wondering if this has something to do with the log message "Error attempting to add filename encryption key to user session keyring"

© Super User or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about ubuntu

Related posts about ssh

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle