Word – Finding sshd log file

password-protection, private-key, public-key-encryption, ssh, sshd

I'm experiencing some problems with SSHD on my server.
I'm trying to set up passwordless (pub/pv keys) authentication. It worked for my other servers, but not for this one. The SSHD agent adds my public key in "authorized keys" but still asks for a password.
I tried to totally disable password authentication (in /etc/ssh/sshd_conf) to see what happens, and I get "bad pub key".

The pub key is sent by the client (ssh -vvv):

    ----
    debug1: Next authentication method: publickey
    debug1: Offering RSA public key: /home/me/.ssh/id_rsa
    debug3: send_pubkey_test
    debug2: we sent a publickey packet, wait for reply
    debug1: Authentications that can continue: publickey,password
    debug1: Trying private key: /home/me/.ssh/id_dsa
    ----
    ## Next key (rsa was the good one)

I checked "sshd_config" and ".ssh" permissions.
Now I just want to be able to see what happens on the server side.
I checked my "/var/log/auth" and "/var/log/secure", but there is no file here.

In the config, I configured logs as follows:

    SyslogFacility AUTH
    LogLevel DEBUG

How can I debug my situation without using deep network sniffing? Is it possible to redirect sshd output to a logfile or std?

Thank you

Best Answer

The way to see what is going on on the server is to start the sshd daemon with these options:

    /usr/sbin/sshd -dD

The two options are (from the man page):

    -D      When this option is specified, sshd will not detach and does not become a daemon.  This allows
            easy monitoring of sshd.

    -d      Debug mode.  The server sends verbose debug output to standard error, and does not put itself in the
            background.  The server also will not fork and will only process one connection.  This option is only
            intended for debugging for the server.  Multiple -d options increase the debugging level.  Maximum is
            3.

This should be plenty. For the past, it depends on your distro. I get messages in /var/log/auth.log, but you can search for messages relating to ssh in the same directory by means of

    find /var/log -type f -exec grep -l ssh {} \;

which will output the names of all files containing the expression ssh. You will then have to check their content.
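The log search described in the answer, narrowed to sshd's syslog tag and to public-key decisions, as an added example that is not part of the original answer. The function names and all log lines are constructed for illustration; real message text varies with the OpenSSH version and LogLevel.

```shell
#!/bin/sh
# Added example (not from the original answer). All log lines are constructed.

# List files under a log directory that hold sshd entries. Matching the
# "sshd[PID]:" syslog tag is narrower than grepping for the bare string "ssh".
find_sshd_logs() {
    find "$1" -type f -exec grep -lE 'sshd\[[0-9]+\]:' {} + 2>/dev/null | sort
}

# Print only the sshd lines that record a public-key decision or its cause.
pubkey_events() {
    grep -hE 'sshd\[[0-9]+\]:' "$@" |
        grep -E 'Authentication refused|(Failed|Accepted) publickey'
}

# Count refusals caused by ownership/mode checks on ~/.ssh or authorized_keys.
count_mode_refusals() {
    pubkey_events "$@" | grep -c 'bad ownership or modes' || true
}

# Build a throwaway log directory with constructed sample lines.
make_sample_logs() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/auth.log" <<'EOF'
Mar  3 10:15:01 host sshd[2211]: Authentication refused: bad ownership or modes for directory /home/me/.ssh
Mar  3 10:15:01 host sshd[2211]: Failed publickey for me from 192.0.2.10 port 51234 ssh2
Mar  3 10:20:44 host sshd[2290]: Accepted publickey for me from 192.0.2.10 port 51301 ssh2
Mar  3 10:21:00 host CRON[2301]: pam_unix(cron:session): session opened for user root
EOF
    cat > "$dir/kern.log" <<'EOF'
Mar  3 10:00:00 host kernel: eth0: link up
EOF
    printf '%s\n' "$dir"
}

# Demo run against the constructed logs.
sample=$(make_sample_logs)
find_sshd_logs "$sample"                 # only auth.log contains sshd entries
pubkey_events "$sample"/*.log            # the three sshd public-key lines
count_mode_refusals "$sample"/*.log      # 1
rm -rf "$sample"
```

On a real host, pass `/var/log` to `find_sshd_logs` and feed the files it lists to `pubkey_events`.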
