[solved]Re: login to server ok but cannot login to another server from the first

Sat Nov 3 19:36:04 UTC 2018

On 11/3/18 11:43 AM, Colin Law wrote:
> I believe you can get additional info out of sshd by specifying one or
> more -d on the sshd command line.  I think the debug will then be in
> auth.log.  I have not done that myself though so perhaps some googling
> is required.
>
> Colin
> On Sat, 3 Nov 2018 at 15:28, Mark Barton <mark at atldes.com> wrote:
>> On 11/3/18 10:47 AM, Colin Law wrote:
>>> On Sat, 3 Nov 2018 at 14:34, Peter Silva <peter at bsqt.homeip.net> wrote:
>>>> how old are the keys?  The new version might have deprecated DSA keys or something?
>>>> Perhaps generate newish RSA keys.
>>>>
>>>> 2nd option: -oIdentitiesOnly=yes
>>>> sometimes the credential caching daemon causes the remote to say too many tries.
>>>> the above option may help.
>>> Would that explain why C->B works and B->A works but not C->B->A?
>>>
>>> Colin
>>>
>>>> On Sat, Nov 3, 2018 at 10:15 AM Colin Law <clanlaw at gmail.com> wrote:
>>>>> On Sat, 3 Nov 2018 at 13:52, Mark Barton <mark at atldes.com> wrote:
>>>>>> ...
>>>>>> The same user name but different keys.
>>>>> That is odd, I do it all the time.  So just to recap, you can logon
>>>>> directly on B and see
>>>>> me at B:~$ ssh A
>>>>> with no username specified and it works fine, but if you ssh to B from
>>>>> C then you see the same thing
>>>>> me at B:~$ ssh A
>>>>> but this time it asks for a password?
>>>>>
>>>>> Colin
>>>>>
>>>>>> --
>>>>>> ubuntu-users mailing list
>>>>>> ubuntu-users at lists.ubuntu.com
>>>>>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>>>> --
>>>>> ubuntu-users mailing list
>>>>> ubuntu-users at lists.ubuntu.com
>>>>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>>>> --
>>>> ubuntu-users mailing list
>>>> ubuntu-users at lists.ubuntu.com
>>>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
>> I was able to connect a monitor to that headless
>> server (server A) and I verified that I could
>> connect to server B using a key. I also tried it
>> with a raspberry Pi bypassing the 18.04 server.
>> The results where identical which tells me that is
>> not specific to the 18.04 install.
>>
>> Thinking back I might have used a single key for
>> each client but I am not sure if that is true is
>> all cases.
>>
>> Colin,
>>
>> Yes the sequence you described is correct.
>>
>> Peter,
>>
>> The keys I'm using are RSA and have been freshly
>> generated on each client.
>>
>>
>>
>>
>>
>> --
>> ubuntu-users mailing list
>> ubuntu-users at lists.ubuntu.com
>> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users

The issue turned out to be with the key names. I 
prefix the id_rsa and is_rsa.pub files with a name 
to help me identify what was generated where. To 
fix the login problem I ended up changing the 
IdentityFile keyword in ssh_config for the ssh 
client to find the correct private key. This work 
for my login from A to server B and from B to A, 
but I don't know why I was able to login to either 
A or B to start with. The IdentityFile is 
commented out on that client. I guess the behavior 
is somehow different for a shell and secure shell.

Colin, thank you for the debug hint. It really 
help in tracking this down. I really should have 
mentioned the name change it my original post. Now 
to get Git working.