SSH how-to-guide #6

New Issue

Closed

opened 2021-09-18 07:34:24 +00:00 by j3s · 1 comment

j3s commented

2021-09-18 07:34:24 +00:00

Owner

Add a how-to-guide explaining how to get around common problems with SSH client :

Are you getting this error?

forest@thingpad:~$ ssh -i test_rsa_2 cyberian@69.61.38.207
Received disconnect from 69.61.38.207 port 22:2: Too many
authentication failures
Disconnected from 69.61.38.207 port 22

If so, I think the problem is a combination of three things:

You have a lot of SSH keys in your ssh-agent
ssh client is stupid
the SSH daemon on the capsul is being picky

What I mean by "ssh client is stupid": it does not use the key that
you tell it to use with the -i flag.
Instead it tries ALL OF THE KEYS from the ssh-agent in whatever order
it damn well pleases (plus maybe it will try the one you specified
later).
And in some cases the server does not like that, it just hard-aborts
the connection after the client fails a certain number of times,
giving the "Too many authentication failures" error.

Here is the solution:

https://superuser.com/questions/268776/how-do-i-configure-ssh-so-it-doesnt-try-all-the-identity-files-automatically

Just add this flag to prevent the ssh client from using its stupid
default behaviour: -o IdentitiesOnly=yes

Here is an example:

forest@thingpad:~$ ssh -o IdentitiesOnly=yes -i test_rsa_2 cyberian@69.61.38.207
welcome, cyberian ^(;,;)^
your machine awaits
localhost:~$

Another possibility is that you are not trying to log in as the cyberian user. Your ssh command should look like this:

ssh -i /path/to/my/private_key_file cyberian@123.45.6.78

Add a how-to-guide explaining how to get around common problems with SSH client : Are you getting this error? forest@thingpad:~$ ssh -i test_rsa_2 cyberian@69.61.38.207 Received disconnect from 69.61.38.207 port 22:2: Too many authentication failures Disconnected from 69.61.38.207 port 22 If so, I think the problem is a combination of three things: 1. You have a lot of SSH keys in your ssh-agent 2. ssh client is stupid 3. the SSH daemon on the capsul is being picky What I mean by "ssh client is stupid": it does not use the key that you tell it to use with the `-i` flag. Instead it tries ALL OF THE KEYS from the ssh-agent in whatever order it damn well pleases (plus maybe it will try the one you specified later). And in some cases the server does not like that, it just hard-aborts the connection after the client fails a certain number of times, giving the "Too many authentication failures" error. Here is the solution: https://superuser.com/questions/268776/how-do-i-configure-ssh-so-it-doesnt-try-all-the-identity-files-automatically Just add this flag to prevent the ssh client from using its stupid default behaviour: `-o IdentitiesOnly=yes` Here is an example: forest@thingpad:~$ ssh -o IdentitiesOnly=yes -i test_rsa_2 cyberian@69.61.38.207 welcome, cyberian ^(;,;)^ your machine awaits localhost:~$ Another possibility is that you are not trying to log in as the cyberian user. Your ssh command should look like this: ssh -i /path/to/my/private_key_file cyberian@123.45.6.78