I'm experiencing some problems with SSHD on my server.
I'm trying to set up passwordless (pub/pv keys) authentication. It worked for my other servers, but not for this one. The SSHD agent adds my public key in "authorized keys" but still asks for password.
I tried to disable totally password authentication (in /etc/ssh/sshd_conf) to see what happens, and I get "bad pub key".
The pub key is sent by the client (ssh -vvv) :
----
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/me/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/me/.ssh/id_dsa
----
## Next key (rsa was the good one)
I checked "sshd_config" and ".ssh" permissions
Now I just want to be able to see what happens on the server side.
I checked my "/var/log/auth" and "/var/log/secure", but no file here.
In the config, I configured logs as follows :
SyslogFacility AUTH
LogLevel DEBUG
How can I debug my situation without using deep network sniffing ? Is it possible to redirect Sshd output to a logfile or std ?
Thank you
Best Answer
The way to see what is going on on the server is to start the sshd daemon with these options:
The two options are (from the Man page):
This should be plenty. For the past, it depends on your distro. I get messages in /var/log/auth.log, but you can search for messages relating to ssh in the same directory by means of
which will output the names of all files containing the expression
ssh
. You will then have to check their content.