Missing begin marker error with public key ssh login
up vote
0
down vote
favorite
I have two Redhat 7.3 machines. I want password-less ssh access to the machine2 from machine1. Here is what I have done.
On machine1, I sudo (sudo su -) as a root and generated the rsa public and private keys using ssh-keygen command with all default settings.
These are present in /root/.ssh/ directory with names id_rsa, id_rsa.pub
The permissions for .ssh are as follows
drwx------ 2 root root 54 Jan 17 05:08 .
drwxr-x---. 7 root root 4.0K Jan 17 04:08 ..
-rw------- 1 root root 1.7K Jan 17 06:18 id_rsa
-rw-r--r-- 1 root root 414 Jan 17 06:18 id_rsa.pub
-rw-r--r-- 1 root root 4.0K Jan 17 07:37 known_hosts
I copied the contents of id_rsa.pub to machine2 into the file authorized_keys in /root/.ssh created by myself as a root.
permissions of .ssh directory on machine2 are as follows
drwxr-xr-x 2 root root 28 Jan 17 06:32 .
dr-xr-x---. 6 root root 4.0K Jan 17 03:28 ..
-rw-r--r-- 1 root root 414 Jan 17 06:32 authorized_keys
Now I tried to ssh (with verbose) from machine1 to machine2 using the following command. But it still asks for the password to connect. I am expecting the connection should be established without asking for password.
I tried changing the permissions of .ssh and authorized_keys to 700 and 600 on machine2 as suggested by
SSH asks for password, even with public key installed
But the problem persists.
I have given the debug output of ssh command. It works as expected till the server accepts the public key. After that I notice
debug1: key_parse_private2: missing begin marker
might be causing this issue. Can any one suggest me a way out of this problem?
[root@machine1 ~]# ssh -v machine2
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to machine2 [x.x.x.x] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA X:X:X:X:....
debug1: Host 'machine2' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
========================================================
| The system is to be used only by authorized users. |
| |
| By continuing to use the system, the user represents |
| that he/she is an authorized user. |
| |
| Use of the system constitutes consent to monitoring |
| and review. |
| |
| I have received, read and understand the Company's |
| Acceptable Use Policy and agree to abide by the |
| policy and its terms and conditions. |
| |
========================================================
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
root@machine2's password:
linux ssh passwords openssh rsa
edited Mar 20 '17 at 10:17
Community♦
1
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
add a comment |
up vote
0
down vote
favorite
I have two Redhat 7.3 machines. I want password-less ssh access to the machine2 from machine1. Here is what I have done.
On machine1, I sudo (sudo su -) as a root and generated the rsa public and private keys using ssh-keygen command with all default settings.
These are present in /root/.ssh/ directory with names id_rsa, id_rsa.pub
The permissions for .ssh are as follows
drwx------ 2 root root 54 Jan 17 05:08 .
drwxr-x---. 7 root root 4.0K Jan 17 04:08 ..
-rw------- 1 root root 1.7K Jan 17 06:18 id_rsa
-rw-r--r-- 1 root root 414 Jan 17 06:18 id_rsa.pub
-rw-r--r-- 1 root root 4.0K Jan 17 07:37 known_hosts
I copied the contents of id_rsa.pub to machine2 into the file authorized_keys in /root/.ssh created by myself as a root.
permissions of .ssh directory on machine2 are as follows
drwxr-xr-x 2 root root 28 Jan 17 06:32 .
dr-xr-x---. 6 root root 4.0K Jan 17 03:28 ..
-rw-r--r-- 1 root root 414 Jan 17 06:32 authorized_keys
Now I tried to ssh (with verbose) from machine1 to machine2 using the following command. But it still asks for the password to connect. I am expecting the connection should be established without asking for password.
I tried changing the permissions of .ssh and authorized_keys to 700 and 600 on machine2 as suggested by
SSH asks for password, even with public key installed
But the problem persists.
I have given the debug output of ssh command. It works as expected till the server accepts the public key. After that I notice
debug1: key_parse_private2: missing begin marker
might be causing this issue. Can any one suggest me a way out of this problem?
[root@machine1 ~]# ssh -v machine2
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to machine2 [x.x.x.x] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA X:X:X:X:....
debug1: Host 'machine2' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
========================================================
| The system is to be used only by authorized users. |
| |
| By continuing to use the system, the user represents |
| that he/she is an authorized user. |
| |
| Use of the system constitutes consent to monitoring |
| and review. |
| |
| I have received, read and understand the Company's |
| Acceptable Use Policy and agree to abide by the |
| policy and its terms and conditions. |
| |
========================================================
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
root@machine2's password:
linux ssh passwords openssh rsa
edited Mar 20 '17 at 10:17
Community♦
1
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
Try to change permission on machine2, directory /root/.ssh to be 700
– Romeo Ninov
Jan 18 '17 at 9:38
@Romeo Ninov, I have already tried that and mentioned in this post too... It did not solve the problem.
– Ravi Chandra
Jan 18 '17 at 9:39
Can you provide few lines from begin of id_rsa and the content of authorized_keys and id_rsa.pub. And check for empty lines in authorized_keys
– Romeo Ninov
Jan 18 '17 at 9:42
id_rsa: -----BEGIN RSA PRIVATE KEY----- MKIEpAIBdAKCAQEjtVQ5Zh1inry2g8XYzmUk5Dcg9n9++jRY+enwh+9qWJVx7UGX YR6H0SJT7dFCe7ZGJGwgJrxRLrcOh3ujOJ3+tSS1iBoHBUpfucExsDD8JRE8DduA id_rsa.pub: ssh-rsa AXBAB3NzaC1yf2EAAAADAQABAAXBAQ
– Ravi Chandra
Jan 18 '17 at 9:45
There is no empty line authorized_keys and the id_rsa.pub and authorized_keys are the same
– Ravi Chandra
Jan 18 '17 at 9:47
add a comment |
up vote
0
down vote
favorite
up vote
0
down vote
favorite
I have two Redhat 7.3 machines. I want password-less ssh access to the machine2 from machine1. Here is what I have done.
On machine1, I sudo (sudo su -) as a root and generated the rsa public and private keys using ssh-keygen command with all default settings.
These are present in /root/.ssh/ directory with names id_rsa, id_rsa.pub
The permissions for .ssh are as follows
drwx------ 2 root root 54 Jan 17 05:08 .
drwxr-x---. 7 root root 4.0K Jan 17 04:08 ..
-rw------- 1 root root 1.7K Jan 17 06:18 id_rsa
-rw-r--r-- 1 root root 414 Jan 17 06:18 id_rsa.pub
-rw-r--r-- 1 root root 4.0K Jan 17 07:37 known_hosts
I copied the contents of id_rsa.pub to machine2 into the file authorized_keys in /root/.ssh created by myself as a root.
permissions of .ssh directory on machine2 are as follows
drwxr-xr-x 2 root root 28 Jan 17 06:32 .
dr-xr-x---. 6 root root 4.0K Jan 17 03:28 ..
-rw-r--r-- 1 root root 414 Jan 17 06:32 authorized_keys
Now I tried to ssh (with verbose) from machine1 to machine2 using the following command. But it still asks for the password to connect. I am expecting the connection should be established without asking for password.
I tried changing the permissions of .ssh and authorized_keys to 700 and 600 on machine2 as suggested by
SSH asks for password, even with public key installed
But the problem persists.
I have given the debug output of ssh command. It works as expected till the server accepts the public key. After that I notice
debug1: key_parse_private2: missing begin marker
might be causing this issue. Can any one suggest me a way out of this problem?
[root@machine1 ~]# ssh -v machine2
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to machine2 [x.x.x.x] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA X:X:X:X:....
debug1: Host 'machine2' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
========================================================
| The system is to be used only by authorized users. |
| |
| By continuing to use the system, the user represents |
| that he/she is an authorized user. |
| |
| Use of the system constitutes consent to monitoring |
| and review. |
| |
| I have received, read and understand the Company's |
| Acceptable Use Policy and agree to abide by the |
| policy and its terms and conditions. |
| |
========================================================
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
root@machine2's password:
linux ssh passwords openssh rsa
edited Mar 20 '17 at 10:17
Community♦
1
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
I have two Redhat 7.3 machines. I want password-less ssh access to the machine2 from machine1. Here is what I have done.
On machine1, I sudo (sudo su -) as a root and generated the rsa public and private keys using ssh-keygen command with all default settings.
These are present in /root/.ssh/ directory with names id_rsa, id_rsa.pub
The permissions for .ssh are as follows
drwx------ 2 root root 54 Jan 17 05:08 .
drwxr-x---. 7 root root 4.0K Jan 17 04:08 ..
-rw------- 1 root root 1.7K Jan 17 06:18 id_rsa
-rw-r--r-- 1 root root 414 Jan 17 06:18 id_rsa.pub
-rw-r--r-- 1 root root 4.0K Jan 17 07:37 known_hosts
I copied the contents of id_rsa.pub to machine2 into the file authorized_keys in /root/.ssh created by myself as a root.
permissions of .ssh directory on machine2 are as follows
drwxr-xr-x 2 root root 28 Jan 17 06:32 .
dr-xr-x---. 6 root root 4.0K Jan 17 03:28 ..
-rw-r--r-- 1 root root 414 Jan 17 06:32 authorized_keys
Now I tried to ssh (with verbose) from machine1 to machine2 using the following command. But it still asks for the password to connect. I am expecting the connection should be established without asking for password.
I tried changing the permissions of .ssh and authorized_keys to 700 and 600 on machine2 as suggested by
SSH asks for password, even with public key installed
But the problem persists.
I have given the debug output of ssh command. It works as expected till the server accepts the public key. After that I notice
debug1: key_parse_private2: missing begin marker
might be causing this issue. Can any one suggest me a way out of this problem?
[root@machine1 ~]# ssh -v machine2
OpenSSH_6.6.1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 56: Applying options for *
debug1: Connecting to machine2 [x.x.x.x] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH_6.6.1* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-md5-etm@openssh.com none
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: kex: curve25519-sha256@libssh.org need=16 dh_need=16
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA X:X:X:X:....
debug1: Host 'machine2' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
========================================================
| The system is to be used only by authorized users. |
| |
| By continuing to use the system, the user represents |
| that he/she is an authorized user. |
| |
| Use of the system constitutes consent to monitoring |
| and review. |
| |
| I have received, read and understand the Company's |
| Acceptable Use Policy and agree to abide by the |
| policy and its terms and conditions. |
| |
========================================================
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /root/.ssh/id_dsa
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Next authentication method: password
root@machine2's password:
linux ssh passwords openssh rsa
linux ssh passwords openssh rsa
edited Mar 20 '17 at 10:17
Community♦
1
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
edited Mar 20 '17 at 10:17
Community♦
1
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
edited Mar 20 '17 at 10:17
Community♦
1
edited Mar 20 '17 at 10:17
Community♦
1
edited Mar 20 '17 at 10:17
Community♦
1
1
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
asked Jan 18 '17 at 9:34
Ravi Chandra
10613
10613
Try to change permission on machine2, directory /root/.ssh to be 700
– Romeo Ninov
Jan 18 '17 at 9:38
@Romeo Ninov, I have already tried that and mentioned in this post too... It did not solve the problem.
– Ravi Chandra
Jan 18 '17 at 9:39
Can you provide few lines from begin of id_rsa and the content of authorized_keys and id_rsa.pub. And check for empty lines in authorized_keys
– Romeo Ninov
Jan 18 '17 at 9:42
id_rsa: -----BEGIN RSA PRIVATE KEY----- MKIEpAIBdAKCAQEjtVQ5Zh1inry2g8XYzmUk5Dcg9n9++jRY+enwh+9qWJVx7UGX YR6H0SJT7dFCe7ZGJGwgJrxRLrcOh3ujOJ3+tSS1iBoHBUpfucExsDD8JRE8DduA id_rsa.pub: ssh-rsa AXBAB3NzaC1yf2EAAAADAQABAAXBAQ
– Ravi Chandra
Jan 18 '17 at 9:45
There is no empty line authorized_keys and the id_rsa.pub and authorized_keys are the same
– Ravi Chandra
Jan 18 '17 at 9:47
add a comment |
Try to change permission on machine2, directory /root/.ssh to be 700
– Romeo Ninov
Jan 18 '17 at 9:38
@Romeo Ninov, I have already tried that and mentioned in this post too... It did not solve the problem.
– Ravi Chandra
Jan 18 '17 at 9:39
Can you provide few lines from begin of id_rsa and the content of authorized_keys and id_rsa.pub. And check for empty lines in authorized_keys
– Romeo Ninov
Jan 18 '17 at 9:42
id_rsa: -----BEGIN RSA PRIVATE KEY----- MKIEpAIBdAKCAQEjtVQ5Zh1inry2g8XYzmUk5Dcg9n9++jRY+enwh+9qWJVx7UGX YR6H0SJT7dFCe7ZGJGwgJrxRLrcOh3ujOJ3+tSS1iBoHBUpfucExsDD8JRE8DduA id_rsa.pub: ssh-rsa AXBAB3NzaC1yf2EAAAADAQABAAXBAQ
– Ravi Chandra
Jan 18 '17 at 9:45
There is no empty line authorized_keys and the id_rsa.pub and authorized_keys are the same
– Ravi Chandra
Jan 18 '17 at 9:47
Try to change permission on machine2, directory /root/.ssh to be 700
– Romeo Ninov
Jan 18 '17 at 9:38
Try to change permission on machine2, directory /root/.ssh to be 700
– Romeo Ninov
Jan 18 '17 at 9:38
@Romeo Ninov, I have already tried that and mentioned in this post too... It did not solve the problem.
– Ravi Chandra
Jan 18 '17 at 9:39
@Romeo Ninov, I have already tried that and mentioned in this post too... It did not solve the problem.
– Ravi Chandra
Jan 18 '17 at 9:39
Can you provide few lines from begin of id_rsa and the content of authorized_keys and id_rsa.pub. And check for empty lines in authorized_keys
– Romeo Ninov
Jan 18 '17 at 9:42
Can you provide few lines from begin of id_rsa and the content of authorized_keys and id_rsa.pub. And check for empty lines in authorized_keys
– Romeo Ninov
Jan 18 '17 at 9:42
id_rsa: -----BEGIN RSA PRIVATE KEY----- MKIEpAIBdAKCAQEjtVQ5Zh1inry2g8XYzmUk5Dcg9n9++jRY+enwh+9qWJVx7UGX YR6H0SJT7dFCe7ZGJGwgJrxRLrcOh3ujOJ3+tSS1iBoHBUpfucExsDD8JRE8DduA id_rsa.pub: ssh-rsa AXBAB3NzaC1yf2EAAAADAQABAAXBAQ
– Ravi Chandra
Jan 18 '17 at 9:45
id_rsa: -----BEGIN RSA PRIVATE KEY----- MKIEpAIBdAKCAQEjtVQ5Zh1inry2g8XYzmUk5Dcg9n9++jRY+enwh+9qWJVx7UGX YR6H0SJT7dFCe7ZGJGwgJrxRLrcOh3ujOJ3+tSS1iBoHBUpfucExsDD8JRE8DduA id_rsa.pub: ssh-rsa AXBAB3NzaC1yf2EAAAADAQABAAXBAQ
– Ravi Chandra
Jan 18 '17 at 9:45
There is no empty line authorized_keys and the id_rsa.pub and authorized_keys are the same
– Ravi Chandra
Jan 18 '17 at 9:47
There is no empty line authorized_keys and the id_rsa.pub and authorized_keys are the same
– Ravi Chandra
Jan 18 '17 at 9:47
add a comment |
1 Answer
1
active
oldest
votes
up vote
1
down vote
"Missing begin marker" is not really a problem, you get that message with successful passwordless public key logins.
You have a banner, so you probably have done some hardening. Make sure the following options are available to your user. You can add them at the end of your sshd_config file after a "Match User" line:
Match User root,user1
RSAAuthentication yes
PubkeyAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords yes
PermitRootLogin is only required since you use root. I am not sure if PermitEmptyPasswords is required but it works for me.
Another (small) thing, don't sudo su -, do sudo -i.
edited Jul 7 '17 at 17:07
Vylix
1,57421422
answered Jul 7 '17 at 16:02
Pierre Lemay
111
add a comment |
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
1
down vote
"Missing begin marker" is not really a problem, you get that message with successful passwordless public key logins.
You have a banner, so you probably have done some hardening. Make sure the following options are available to your user. You can add them at the end of your sshd_config file after a "Match User" line:
Match User root,user1
RSAAuthentication yes
PubkeyAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords yes
PermitRootLogin is only required since you use root. I am not sure if PermitEmptyPasswords is required but it works for me.
Another (small) thing, don't sudo su -, do sudo -i.
edited Jul 7 '17 at 17:07
Vylix
1,57421422
answered Jul 7 '17 at 16:02
Pierre Lemay
111
add a comment |
up vote
1
down vote
"Missing begin marker" is not really a problem, you get that message with successful passwordless public key logins.
You have a banner, so you probably have done some hardening. Make sure the following options are available to your user. You can add them at the end of your sshd_config file after a "Match User" line:
Match User root,user1
RSAAuthentication yes
PubkeyAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords yes
PermitRootLogin is only required since you use root. I am not sure if PermitEmptyPasswords is required but it works for me.
Another (small) thing, don't sudo su -, do sudo -i.
edited Jul 7 '17 at 17:07
Vylix
1,57421422
answered Jul 7 '17 at 16:02
Pierre Lemay
111
add a comment |
up vote
1
down vote
up vote
1
down vote
"Missing begin marker" is not really a problem, you get that message with successful passwordless public key logins.
You have a banner, so you probably have done some hardening. Make sure the following options are available to your user. You can add them at the end of your sshd_config file after a "Match User" line:
Match User root,user1
RSAAuthentication yes
PubkeyAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords yes
PermitRootLogin is only required since you use root. I am not sure if PermitEmptyPasswords is required but it works for me.
Another (small) thing, don't sudo su -, do sudo -i.
edited Jul 7 '17 at 17:07
Vylix
1,57421422
answered Jul 7 '17 at 16:02
Pierre Lemay
111
"Missing begin marker" is not really a problem, you get that message with successful passwordless public key logins.
You have a banner, so you probably have done some hardening. Make sure the following options are available to your user. You can add them at the end of your sshd_config file after a "Match User" line:
Match User root,user1
RSAAuthentication yes
PubkeyAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords yes
PermitRootLogin is only required since you use root. I am not sure if PermitEmptyPasswords is required but it works for me.
Another (small) thing, don't sudo su -, do sudo -i.
edited Jul 7 '17 at 17:07
Vylix
1,57421422
answered Jul 7 '17 at 16:02
Pierre Lemay
111
edited Jul 7 '17 at 17:07
Vylix
1,57421422
edited Jul 7 '17 at 17:07
Vylix
1,57421422
edited Jul 7 '17 at 17:07
Vylix
1,57421422
1,57421422
answered Jul 7 '17 at 16:02
Pierre Lemay
111
answered Jul 7 '17 at 16:02
Pierre Lemay
111
answered Jul 7 '17 at 16:02
Pierre Lemay
111
111
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1168710%2fmissing-begin-marker-error-with-public-key-ssh-login%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Try to change permission on machine2, directory /root/.ssh to be 700
– Romeo Ninov
Jan 18 '17 at 9:38
@Romeo Ninov, I have already tried that and mentioned in this post too... It did not solve the problem.
– Ravi Chandra
Jan 18 '17 at 9:39
Can you provide few lines from begin of id_rsa and the content of authorized_keys and id_rsa.pub. And check for empty lines in authorized_keys
– Romeo Ninov
Jan 18 '17 at 9:42
id_rsa: -----BEGIN RSA PRIVATE KEY----- MKIEpAIBdAKCAQEjtVQ5Zh1inry2g8XYzmUk5Dcg9n9++jRY+enwh+9qWJVx7UGX YR6H0SJT7dFCe7ZGJGwgJrxRLrcOh3ujOJ3+tSS1iBoHBUpfucExsDD8JRE8DduA id_rsa.pub: ssh-rsa AXBAB3NzaC1yf2EAAAADAQABAAXBAQ
– Ravi Chandra
Jan 18 '17 at 9:45
There is no empty line authorized_keys and the id_rsa.pub and authorized_keys are the same
– Ravi Chandra
Jan 18 '17 at 9:47