[Peter Yao]

I an trying to test the coneection from my own laptop to the bastion.

Here is what I tried:

1. Generate a key pair from the fabric protal
2. download the public private key and fix the permission on the private key to 600
3. I did the bastion host login test using that key

The screenshot attached showed that the key permission is correct and the mD5 sum of the key matches what is shown on the portal and that I am using the correct bastion user name. Yet I get a permission denied error.

I am also sharing the verbose ssh output below:

(base) root@peter:~/.ssh# ssh -i ./fabric_bastion_key -C2T -D 14000 -M -N yao_peter_0000204996@bastion.fabric-testbed.net -v
OpenSSH_8.9p1 Ubuntu-3ubuntu0.10, OpenSSL 3.0.2 15 Mar 2022
debug1: Reading configuration data /root/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: include /etc/ssh/ssh_config.d/*.conf matched no files
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: Connecting to bastion.fabric-testbed.net [128.163.180.149] port 22.
debug1: Connection established.
debug1: identity file ./fabric_bastion_key type 2
debug1: identity file ./fabric_bastion_key-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_8.9p1 Ubuntu-3ubuntu0.10
debug1: Remote protocol version 2.0, remote software version OpenSSH_8.0
debug1: compat_banner: match: OpenSSH_8.0 pat OpenSSH* compat 0x04000000
debug1: Authenticating to bastion.fabric-testbed.net:22 as 'yao_peter_0000204996'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256@libssh.org
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: zlib@openssh.com
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: zlib@openssh.com
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:8ZrrCmYlgVJciScTwz3sDTsV3MV0kvcwtTgSOGYGwzg
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host 'bastion.fabric-testbed.net' is known and matches the ED25519 host key.
debug1: Found key in /root/.ssh/known_hosts:37
debug1: ssh_packet_send2_wrapped: resetting send seqnr 3
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: ssh_packet_read_poll2: resetting read seqnr 3
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: ./fabric_bastion_key ECDSA SHA256:+GCNKCQJR/hXBrJx79dAZh7AmmTeGGPVZtM7IHT8N5Y explicit
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: Next authentication method: gssapi-with-mic
debug1: No credentials were supplied, or the credentials were unavailable or inaccessible
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_0)


debug1: No credentials were supplied, or the credentials were unavailable or inaccessible
No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_0)


debug1: Next authentication method: publickey
debug1: Offering public key: ./fabric_bastion_key ECDSA SHA256:+GCNKCQJR/hXBrJx79dAZh7AmmTeGGPVZtM7IHT8N5Y explicit
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic
debug1: No more authentication methods to try.
yao_peter_0000204996@bastion.fabric-testbed.net: Permission denied (publickey,gssapi-keyex,gssapi-with-mic).

Please give me some advice, many thanks.

[Author]

Posts