This is a strange issue I'm having with SSH from my Macbook Pro to a Linux (Ubuntu 11.10) server. I have a DSA key set up on the remote Linux server under my home directory like this:

/home/me/.ssh/authorized_keys

I also have the same DSA key set up for a few other accounts on the machine named "foo" and "bar". I can log into all of the accounts fine without any password. Therefore, the DSA keys are all set up correctly.

The strange behavior I'm seeing is when debugging the SSH connection. During the connection, the SSH debug is outputting this:

debug2: key: /Users/me/.ssh/id_dsa (0x7f91a1424220)
debug2: key: /home/foo/.ssh/id_dsa (0x7f91a1425620)
debug2: key: /home/bar/.ssh/id_rsa (0x7f91a1425c60)
debug2: key: /Users/me/.ssh/id_rsa (0x0)
  • This is strange for so many reasons, but essentially, why is SSH listing out keys on the server (/home/foo/.ssh/id_dsa and /home/bar/.ssh/id_rsa)?
  • These files don't even exist on the server, so why are they listed?
  • I'm not logging into the "foo" or "bar" accounts, so why is SSH even listing those?
  • On my Macbook Pro, I only have a DSA key, but SSH is listing out an RSA key, what's that all about?
  • Another user on the server doesn't get any of these messages when they log in and they have the exact same setup for their DSA key and the exact same Macbook Pro setup as mine?

Does anyone know what these messages are and why SSH is outputting them?

asked Nov 11, 2011 at 15:39

2 Answers


Daniel is correct, what does your ssh-agent have loaded?

ssh-add -l

You can clear everything out of your ssh-agent with

ssh-add -D

Also note that the ssh-agent on Mac OS X (10.5+) is usually not running until needed. So SSH_AGENT_PID is unset and SSH_AUTH_SOCK is set up so that launchd will only create the ssh-agent process when the socket is first used.

answered Nov 13, 2011 at 23:26

Look into the OpenSSH source code, static void pubkey_prepare(Authctxt *authctxt) in sshconnect2.c:

It gathers (and afterwards lists) keys from the following sources, in that order:

/*
 * try keys in the following order:
 * 1. agent keys that are found in the config file
 * 2. other agent keys
 * 3. keys that are only listed in the config file
 */

config file and options.identity_files in the code refer to the IdentityFile directive in ssh_config whose data type is defined in readconf.h.


Judging from the order of output, with the unknown keys sandwiched between id_dsa and id_rsa, check your SSH agent.

answered Nov 12, 2011 at 7:33
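
The ordering quoted in the answer above, as an added Python model (not OpenSSH code and not part of the original answer). It assumes agent keys are matched to IdentityFile entries by public key, that an unmatched agent key is listed under the comment stored in the agent, and that the default identity files are id_rsa then id_dsa; the key strings are constructed, and `identities_only` models the `IdentitiesOnly` option of ssh_config, which the page does not cover.

```python
from typing import List, NamedTuple, Optional, Tuple

class Identity(NamedTuple):
    label: str             # IdentityFile path, or the comment stored with an agent key
    pubkey: Optional[str]  # constructed stand-in for the public key; None if not loadable

def order_identities(config_files: List[Identity], agent_keys: List[Identity],
                     identities_only: bool = False) -> List[Tuple[str, str]]:
    """Model the three-step order from the quoted comment as (label, source) pairs."""
    remaining = list(config_files)
    in_config, agent_only = [], []
    for key in agent_keys:
        match = next((f for f in remaining
                      if f.pubkey is not None and f.pubkey == key.pubkey), None)
        if match is not None:
            # 1. agent key that is also in the config: listed under the config path
            remaining.remove(match)
            in_config.append((match.label, "agent+config"))
        elif not identities_only:
            # 2. other agent key: the only name available is the agent's comment
            agent_only.append((key.label, "agent"))
    # 3. keys that are only listed in the config file
    config_only = [(f.label, "config") for f in remaining]
    return in_config + agent_only + config_only

# Constructed sample modelled on the question: only a DSA key exists on the laptop,
# and the agent holds two extra keys whose comments are paths from another machine.
CONFIG_FILES = [
    Identity("/Users/me/.ssh/id_rsa", None),        # assumed default, file absent
    Identity("/Users/me/.ssh/id_dsa", "DSA-me"),    # assumed default, file present
]
AGENT_KEYS = [
    Identity("/Users/me/.ssh/id_dsa", "DSA-me"),
    Identity("/home/foo/.ssh/id_dsa", "DSA-foo"),
    Identity("/home/bar/.ssh/id_rsa", "RSA-bar"),
]

if __name__ == "__main__":
    for label, source in order_identities(CONFIG_FILES, AGENT_KEYS):
        print(f"{source:13} {label}")
```

With the sample data the listing comes out in the same order as the debug2 lines in the question, with the two /home/... entries attributed to the agent rather than to any file on the server.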
