public key not valid anymore after update to 16.04

robert rottermann robert at redcor.ch
Mon Mar 28 11:03:58 UTC 2016


On 28.03.2016 10:47, Karl Auer wrote:
> On Mon, 2016-03-28 at 09:58 +0200, robert rottermann wrote:
>> I updated my ubuntu 15.10 box to 16.04 beta.
>> Now my public keys do not "work" any more. I can not log into any of
>> the remote machines I could before.
> You should still be able to log in, but you will be asked for a
> password. If you are not asked for a password, then the remote systems
> are probably not allowing password logins. If you are asked for a
> password, but a known good password does not work, then you have a
> different problem.
Sorry I was not precise. I get a password prompt. However I have no valid password
>
> Are your keys still there? That is, in ~/.ssh?
>
> If not, backup whatever is there, restore your backed-up keys to ~/.ssh and try again. If you don't have a backup you are screwed and will have to cut new keys.
>
> Do you see any error messages? If not, add the parameter "-v" to your ssh command line and try again. Look for clues in the output. Send us the output (sanitise it first if you wish). The more "v"s you add, the more detail you see. Up to three :-)
>
> Your host key may have changed, so check the configuration at the other end; look especially for "Match" statements.
It should not have (why should it by update to 16.04?)
I did try with an other key pair that I copied from my box at work. They fail 
with a message like "sign_and_send_pubkey: signing failed: agent refused operation"

I tried with to ssh into the remote computer using the -v option and got the 
following:

robert at chrissy:~$ ssh -v root at katharina
OpenSSH_7.2p2 Ubuntu-1, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to katharina [xx.xx.xx.xx] port 22.
debug1: Connection established.
debug1: identity file /home/robert/.ssh/id_rsa type 1
debug1: key_load_public: No such file or directory
debug1: identity file /home/robert/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/robert/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/robert/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/robert/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/robert/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/robert/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/robert/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1p1 
Ubuntu-2ubuntu2.6
debug1: match: OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.6 pat OpenSSH_6.6.1* compat 
0x04000000
debug1: Authenticating to katharina:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256 at libssh.org
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305 at openssh.com MAC: 
<implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305 at openssh.com MAC: 
<implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 
SHA256:65PT/usGd1WsegycpaMzFylgNChnfIUWiMQahnSpinA
debug1: Host 'katharina' is known and matches the ECDSA host key.
debug1: Found key in /home/robert/.ssh/known_hosts:17
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/robert/.ssh/id_rsa
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/robert/.ssh/id_dsa
debug1: Trying private key: /home/robert/.ssh/id_ecdsa
debug1: Trying private key: /home/robert/.ssh/id_ed25519
debug1: Next authentication method: password
root at katharina's password:


what I find strange is, that i removed all key pairs (that got accumulated 
during the years) but id_dsa.*
obliviously they are cached somewhere ..

but I still can not log in
thanks
robert
>
>> Is there a way to fix that without generating new keys?
> Unless you have managed to lose the keys and have no backup, that
> really should not be necessary.
>
> Regards, K.
>




More information about the ubuntu-users mailing list