Problème Clé SSH

Résolu/Fermé
AmneziaInc
Messages postés
4
Date d'inscription
mercredi 6 juin 2018
Statut
Membre
Dernière intervention
8 juin 2018
- Modifié le 6 juin 2018 à 14:17
Incorporated
Messages postés
547
Date d'inscription
jeudi 31 mai 2018
Statut
Membre
Dernière intervention
28 août 2018
- 8 juin 2018 à 15:08
Bonjour à tous !

Voici mon soucis, j’ai mon serveur Centreon (37.71.212.163) et mon poller (37.71.212.162) qui sont censé échanger des informations.

Ceux-ci sont naté depuis les adresses IP publique indiqué ci-dessus. Mon soucis est le suivant, j’accède bien en ssh d’une machine à l’autre mais mon but est de faire un accès ssh sans mot de passe donc par clé.

Je crée ma clé et je l’envoie :

[centreon@SRV-CENTREON ~]$ ssh-copy-id -i .ssh/id_rsa.pub centreon@37.71.212.162
centreon@37.71.212.162's password:
Now try logging into the machine, with "ssh 'centreon@37.71.212.162'", and check in:

.ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.



Cette même clé je la retrouve dans mon répertoire /var/lib/centreon/.ssh/authorized_keys, avec les droit adéquat pour y accéder.

J’ai vérifié mes fichier de conf (ssh_config et sshd_config) des deux machine et j’ai autorisé l’accès par clé publique par root (au cas où). Mais malgré cela il me demande le mot de passe à la connexion ssh :

[centreon@SRV-CENTREON ~]$ ssh centreon@37.71.212.162
centreon@37.71.212.162's password:
Linux raspberrypi 4.14.44-v7+ #1117 SMP Thu May 31 16:57:56 BST 2018 armv7l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Tue Jun 5 15:23:21 2018 from 37.71.212.163
centreon@raspberrypi:~ $


Mais je ne comprends pas … Si cela peut vous aider voici mon retour de la commande ssh –vvv :

[centreon@SRV-CENTREON ~]$ ssh -vvv centreon@37.71.212.162
OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 37.71.212.162 [37.71.212.162] port 9696.
debug1: Connection established.
debug1: identity file /var/spool/centreon/.ssh/identity type -1
debug1: identity file /var/spool/centreon/.ssh/identity-cert type -1
debug3: Not a RSA1 key file /var/spool/centreon/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /var/spool/centreon/.ssh/id_rsa type 1
debug1: identity file /var/spool/centreon/.ssh/id_rsa-cert type -1
debug1: identity file /var/spool/centreon/.ssh/id_dsa type -1
debug1: identity file /var/spool/centreon/.ssh/id_dsa-cert type -1
debug1: identity file /var/spool/centreon/.ssh/id_ecdsa type -1
debug1: identity file /var/spool/centreon/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Raspbian-10+deb9u3
debug1: match: OpenSSH_7.4p1 Raspbian-10+deb9u3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug3: Wrote 864 bytes for a total of 885
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
debug2: kex_parse_kexinit: hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: kex_parse_kexinit: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-sha1
debug1: kex: server->client aes128-ctr hmac-sha1 none
debug2: mac_setup: found hmac-sha1
debug1: kex: client->server aes128-ctr hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<2048<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug3: Wrote 24 bytes for a total of 909
debug2: dh_gen_key: priv key bits set: 170/320
debug2: bits set: 1049/2048
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: Wrote 272 bytes for a total of 1181
debug3: put_host_port: [37.71.212.162]:9696
debug3: put_host_port: [37.71.212.162]:9696
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: host [37.71.212.162]:9696 filename /var/spool/centreon/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 2
debug1: Host '[37.71.212.162]:9696' is known and matches the RSA host key.
debug1: Found key in /var/spool/centreon/.ssh/known_hosts:2
debug2: bits set: 1044/2048
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: Wrote 16 bytes for a total of 1197
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug3: Wrote 52 bytes for a total of 1249
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /var/spool/centreon/.ssh/identity ((nil))
debug2: key: /var/spool/centreon/.ssh/id_rsa (0x7fc0857439e0)
debug2: key: /var/spool/centreon/.ssh/id_dsa ((nil))
debug2: key: /var/spool/centreon/.ssh/id_ecdsa ((nil))
debug3: Wrote 68 bytes for a total of 1317
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred gssapi-keyex,gssapi-with-mic,publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /var/spool/centreon/.ssh/identity
debug3: no such identity: /var/spool/centreon/.ssh/identity
debug1: Offering public key: /var/spool/centreon/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug3: Wrote 372 bytes for a total of 1689
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /var/spool/centreon/.ssh/id_dsa
debug3: no such identity: /var/spool/centreon/.ssh/id_dsa
debug1: Trying private key: /var/spool/centreon/.ssh/id_ecdsa
debug3: no such identity: /var/spool/centreon/.ssh/id_ecdsa
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
centreon@37.71.212.162's password:


Je suis vraiment à cour d’idée de la provenance de cela…

Merci d’avance.

3 réponses

Incorporated
Messages postés
547
Date d'inscription
jeudi 31 mai 2018
Statut
Membre
Dernière intervention
28 août 2018
396
6 juin 2018 à 14:38
Bonjour,

Ceci pourra peut-être vous donner de nouvelles pistes :

https://www.generation-linux.fr/index.php?post%2F2008%2F02%2F26%2F79-se-connecter-en-ssh-sans-demande-de-mot-de-passe=
0
AmneziaInc
Messages postés
4
Date d'inscription
mercredi 6 juin 2018
Statut
Membre
Dernière intervention
8 juin 2018

6 juin 2018 à 16:09
Bonjour,

Je vais jeter un oeil à cela, merci pour ton retour je te tiens au courant.
0
AmneziaInc
Messages postés
4
Date d'inscription
mercredi 6 juin 2018
Statut
Membre
Dernière intervention
8 juin 2018

8 juin 2018 à 11:12
Petit up svp
0
Incorporated
Messages postés
547
Date d'inscription
jeudi 31 mai 2018
Statut
Membre
Dernière intervention
28 août 2018
396
8 juin 2018 à 13:33
Je suppose que ça n'a rien donné ?
0
AmneziaInc
Messages postés
4
Date d'inscription
mercredi 6 juin 2018
Statut
Membre
Dernière intervention
8 juin 2018

8 juin 2018 à 14:02
J'ai trouvé la solution, tout d'abord merci incorporated pour ton aide.

Voici la solution :
https://unix.stackexchange.com/questions/36540/why-am-i-still-getting-a-password-prompt-with-ssh-with-public-key-authentication

Je me sent un peux idiot vu que au final cela proviens juste des droit sur mes fichiers de conf...
Désolé du dérangement et bonne continuation.
0
Incorporated
Messages postés
547
Date d'inscription
jeudi 31 mai 2018
Statut
Membre
Dernière intervention
28 août 2018
396
8 juin 2018 à 15:08
Merci pour ton retour !
0