Re: [Savannah-hackers] Trouble using ssh

[Sylvain Beucler]

I just created a test account, followed your steps, and could 
successfully connect to savannah.gnu.org via ssh after an hour.
I also have OpenSSH_3.1p1 under GNU/Linux (RedHat 7.3).

Your log points out that the key is not recognised by savannah.gnu.org.
I think you already checked it, but to confirm, could you check it 
again (and that there is no linebreak inside it)?

Otherwise, I suggest you remove and reupload it 
(https://savannah.gnu.org/account/editsshkeys.php), waiting an hour 
(the cron delay) each time.


Actually, I assumed your tried each experiment with the same SSH key. 
Am I wrong?

--
Sylvain


Daniel Lemire wrote :
> Good day,
>
> I've tried just about everything I could think of, and I still cannot
> connect
> to savannah using ssh.
>
> Please help me.
>
>
>
> Ok, so what I did was to follow the instruction on
> https://savannah.gnu.org/faq/?group_id=5802&question=How_do_I_configure_my_SSH_access.txt
>
> To be sure, I tried several machines I have access to.
>
> On one machine, I use OpenSSH_3.7.1p2 under FreeBSD on the other, I
> use
> OpenSSH_3.1p1 under Linux.
>
> On both machines, I do
>
> echo "Protocol 2" > ~/.ssh/config
>
> first.
>
> Then I do
> "ssh-keygen -t dsa"
>
> This will general, in .ssh, the following files... (I used the default
> names)
>  id_dsa          id_dsa.pub
>
> I've then uploaded "id_dsa.pub" to the server.
>
> Then I've waited many days.
>
> Then I get asked for a password whichis my doom... of course...
>
> ssh address@hidden
> (much deleted here)
> debug1: Host 'savannah.nongnu.org' is known and matches the RSA host
> key.
> debug1: Found key in /home/lemire/.ssh/known_hosts:15
> debug1: bits set: 1616/3191
> debug1: ssh_rsa_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: next auth method to try is publickey
> debug1: try privkey: /home/lemire/.ssh/id_rsa
> debug1: try pubkey: /home/lemire/.ssh/id_dsa
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: next auth method to try is keyboard-interactive
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: next auth method to try is password
> address@hidden's password:
>
>
> and it goes downhill from here...
>
> I've actually repeated the experiment with 4 different machines, not
> only 2,
> but you get my point. I also did this before and after savannah got
> hacked. I
> seem to be getting exactly the same result...
>
> Underlying my plea for help is a "why does this need to be so complex
> when
> sourceforge has a much simpler approach and they don't seem to get
> hacked so
> much..." but I'll leave that for another day.
>
> Thanks!