Menu

Problème Clé SSH [Résolu]

AmneziaInc 4 Messages postés mercredi 6 juin 2018Date d'inscription 8 juin 2018 Dernière intervention - 6 juin 2018 à 14:15 - Dernière réponse : Incorporated 547 Messages postés jeudi 31 mai 2018Date d'inscription 28 août 2018 Dernière intervention
- 8 juin 2018 à 15:08
Bonjour à tous !

Voici mon soucis, j’ai mon serveur Centreon (37.71.212.163) et mon poller (37.71.212.162) qui sont censé échanger des informations.

Ceux-ci sont naté depuis les adresses IP publique indiqué ci-dessus. Mon soucis est le suivant, j’accède bien en ssh d’une machine à l’autre mais mon but est de faire un accès ssh sans mot de passe donc par clé.

Je crée ma clé et je l’envoie :

[centreon@SRV-CENTREON ~]$ ssh-copy-id -i .ssh/id_rsa.pub centreon@37.71.212.162
centreon@37.71.212.162's password:
Now try logging into the machine, with "ssh 'centreon@37.71.212.162'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.



Cette même clé je la retrouve dans mon répertoire /var/lib/centreon/.ssh/authorized_keys, avec les droit adéquat pour y accéder.

J’ai vérifié mes fichier de conf (ssh_config et sshd_config) des deux machine et j’ai autorisé l’accès par clé publique par root (au cas où). Mais malgré cela il me demande le mot de passe à la connexion ssh :

[centreon@SRV-CENTREON ~]$ ssh centreon@37.71.212.162
centreon@37.71.212.162's password:
Linux raspberrypi 4.14.44-v7+ #1117 SMP Thu May 31 16:57:56 BST 2018 armv7l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Jun 5 15:23:21 2018 from 37.71.212.163
centreon@raspberrypi:~ $


Mais je ne comprends pas … Si cela peut vous aider voici mon retour de la commande ssh –vvv :

[centreon@SRV-CENTREON ~]$ ssh -vvv centreon@37.71.212.162
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 37.71.212.162 [37.71.212.162] port 9696.
debug1: Connection established.
debug1: identity file /var/spool/centreon/.ssh/identity type -1
debug1: identity file /var/spool/centreon/.ssh/identity-cert type -1
debug3: Not a RSA1 key file /var/spool/centreon/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /var/spool/centreon/.ssh/id_rsa type 1
debug1: identity file /var/spool/centreon/.ssh/id_rsa-cert type -1
debug1: identity file /var/spool/centreon/.ssh/id_dsa type -1
debug1: identity file /var/spool/centreon/.ssh/id_dsa-cert type -1
debug1: identity file /var/spool/centreon/.ssh/id_ecdsa type -1
debug1: identity file /var/spool/centreon/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Raspbian-10+deb9u3
debug1: match: OpenSSH_7.4p1 Raspbian-10+deb9u3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 864 bytes for a total of 885
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
debug2: kex_parse_kexinit: hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 909
debug2: dh_gen_key: priv key bits set: 170/320
debug2: bits set: 1049/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 272 bytes for a total of 1181
debug3: put_host_port: [37.71.212.162]:9696
debug3: put_host_port: [37.71.212.162]:9696
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug1: Host '[37.71.212.162]:9696' is known and matches the RSA host key.
debug1: Found key in /var/spool/centreon/.ssh/known_hosts:2
debug2: bits set: 1044/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1197
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 52 bytes for a total of 1249
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /var/spool/centreon/.ssh/identity ((nil))
debug2: key: /var/spool/centreon/.ssh/id_rsa (0x7fc0857439e0)
debug2: key: /var/spool/centreon/.ssh/id_dsa ((nil))
debug2: key: /var/spool/centreon/.ssh/id_ecdsa ((nil))
debug3: Wrote 68 bytes for a total of 1317
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /var/spool/centreon/.ssh/identity
debug3: no such identity: /var/spool/centreon/.ssh/identity
debug1: Offering public key: /var/spool/centreon/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 372 bytes for a total of 1689
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /var/spool/centreon/.ssh/id_dsa
debug3: no such identity: /var/spool/centreon/.ssh/id_dsa
debug1: Trying private key: /var/spool/centreon/.ssh/id_ecdsa
debug3: no such identity: /var/spool/centreon/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
centreon@37.71.212.162's password:


Je suis vraiment à cour d’idée de la provenance de cela…

Merci d’avance.
Afficher la suite 

Votre réponse

6 réponses

Incorporated 547 Messages postés jeudi 31 mai 2018Date d'inscription 28 août 2018 Dernière intervention - 6 juin 2018 à 14:38
AmneziaInc 4 Messages postés mercredi 6 juin 2018Date d'inscription 8 juin 2018 Dernière intervention - 6 juin 2018 à 16:09
Bonjour,

Je vais jeter un oeil à cela, merci pour ton retour je te tiens au courant.
Commenter la réponse de Incorporated
AmneziaInc 4 Messages postés mercredi 6 juin 2018Date d'inscription 8 juin 2018 Dernière intervention - 8 juin 2018 à 11:12
0
Merci
Petit up svp
Incorporated 547 Messages postés jeudi 31 mai 2018Date d'inscription 28 août 2018 Dernière intervention - 8 juin 2018 à 13:33
Je suppose que ça n'a rien donné ?
Commenter la réponse de AmneziaInc
AmneziaInc 4 Messages postés mercredi 6 juin 2018Date d'inscription 8 juin 2018 Dernière intervention - 8 juin 2018 à 14:02
0
Merci
J'ai trouvé la solution, tout d'abord merci incorporated pour ton aide.

Voici la solution :
https://unix.stackexchange.com/questions/36540/why-am-i-still-getting-a-password-prompt-with-ssh-with-public-key-authentication

Je me sent un peux idiot vu que au final cela proviens juste des droit sur mes fichiers de conf...
Désolé du dérangement et bonne continuation.
Incorporated 547 Messages postés jeudi 31 mai 2018Date d'inscription 28 août 2018 Dernière intervention - 8 juin 2018 à 15:08
Merci pour ton retour !
Commenter la réponse de AmneziaInc