1. Forum
  2. Usenet
  3. LINUX.DEBIAN.USER.ITALIAN

  • Non riesco a connettermi ad un server ssh da un particolare client

    From Leandro Noferini@21:1/5 to All on Thu Jul 20 12:00:01 2023
    Ciao a tutti,

    ho un server ssh al quale mi connetto regolarmente da molti client ma non riesco
    da uno in particolare e non capisco perché. Il server accetta esclusivamente autenticazione via chiave.

    Se provo a collegarmi al server dal client problematico ho questo log (anonimizzato, ovviamente) nel quale non riesco a trovare errori:

       ~  ssh -v dominio.org
    OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023
    debug1: Reading configuration data /home/utente/.ssh/config
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to dominio.org [IP.IP.IP.IP] port 22.
    debug1: Connection established.
    debug1: identity file /home/utente/.ssh/id_rsa type 0
    debug1: identity file /home/utente/.ssh/id_rsa-cert type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa-cert type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa_sk type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa_sk-cert type -1
    debug1: identity file /home/utente/.ssh/id_ed25519 type 3
    debug1: identity file /home/utente/.ssh/id_ed25519-cert type -1
    debug1: identity file /home/utente/.ssh/id_ed25519_sk type -1
    debug1: identity file /home/utente/.ssh/id_ed25519_sk-cert type -1
    debug1: identity file /home/utente/.ssh/id_xmss type -1
    debug1: identity file /home/utente/.ssh/id_xmss-cert type -1
    debug1: identity file /home/utente/.ssh/id_dsa type -1
    debug1: identity file /home/utente/.ssh/id_dsa-cert type -1
    debug1: Local version string SSH-2.0-OpenSSH_9.3
    debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1
    Debian-5+deb11u1
    debug1: compat_banner: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH*
    compat 0x04000000
    debug1: Authenticating to dominio.org:22 as 'utente'
    debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
    directory
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: algorithm: curve25519-sha256
    debug1: kex: host key algorithm: ssh-ed25519
    debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC:
    <implicit> compression: none
    debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC:
    <implicit> compression: none
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: SSH2_MSG_KEX_ECDH_REPLY received
    debug1: Server host key: ssh-ed25519
    SHA256:/6jSA7Pc5b3+/ashKdTnDbiF0VF8VE4rxaKTzl6e+Z8
    debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
    directory
    debug1: Host 'dominio.org' is known and matches the ED25519 host key.
    debug1: Found key in /home/utente/.ssh/known_hosts:343
    debug1: rekey out after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: rekey in after 134217728 blocks
    debug1: get_agent_identities: bound agent to hostkey
    debug1: get_agent_identities: agent returned 2 keys
    debug1: Will attempt key: /home/utente/.ssh/id_ed25519 ED25519
    SHA256:ID_DELLA_CHIAVE_ED25519 agent
    debug1: Will attempt key: /home/utente/.ssh/id_rsa RSA
    SHA256:ID_DELLA_CHIAVE_RSA agent
    debug1: Will attempt key: /home/utente/.ssh/id_ecdsa
    debug1: Will attempt key: /home/utente/.ssh/id_ecdsa_sk
    debug1: Will attempt key: /home/utente/.ssh/id_ed25519_sk
    debug1: Will attempt key: /home/utente/.ssh/id_xmss
    debug1: Will attempt key: /home/utente/.ssh/id_dsa
    debug1: SSH2_MSG_EXT_INFO received
    debug1: kex_input_ext_info:
    server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Offering public key: /home/utente/.ssh/id_ed25519 ED25519
    SHA256:ID_DELLA_CHIAVE_ED25519 agent
    debug1: Authentications that can continue: publickey
    debug1: Offering public key: /home/utente/.ssh/id_rsa RSA
    SHA256:ID_DELLA_CHIAVE_RSA agent
    debug1: Authentications that can continue: publickey
    debug1: Trying private key: /home/utente/.ssh/id_ecdsa
    debug1: Trying private key: /home/utente/.ssh/id_ecdsa_sk
    debug1: Trying private key: /home/utente/.ssh/id_ed25519_sk
    debug1: Trying private key: /home/utente/.ssh/id_xmss
    debug1: Trying private key: /home/utente/.ssh/id_dsa
    debug1: No more authentication methods to try.
    utente@dominio.org: Permission denied (publickey).

    Ovviamente le chiavi rsa e ed25519 sembrerebbero al loro posto sul server.

    --
    ciao
    leandro

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Giancarlo Martini@21:1/5 to All on Thu Jul 20 13:40:01 2023
    Sembra che non trovi /home/utente/.ssh/know_host...
    forse sarà per quello. Puoi provare ad aggiungere un altra chiave?

    Il gio 20 lug 2023, 11:57 Leandro Noferini <lnoferin@cybervalley.org> ha scritto:

    Ciao a tutti,

    ho un server ssh al quale mi connetto regolarmente da molti client ma non riesco
    da uno in particolare e non capisco perché. Il server accetta
    esclusivamente
    autenticazione via chiave.

    Se provo a collegarmi al server dal client problematico ho questo log (anonimizzato, ovviamente) nel quale non riesco a trovare errori:

       ~  ssh -v dominio.org
    OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023
    debug1: Reading configuration data /home/utente/.ssh/config
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to dominio.org [IP.IP.IP.IP] port 22.
    debug1: Connection established.
    debug1: identity file /home/utente/.ssh/id_rsa type 0
    debug1: identity file /home/utente/.ssh/id_rsa-cert type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa-cert type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa_sk type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa_sk-cert type -1
    debug1: identity file /home/utente/.ssh/id_ed25519 type 3
    debug1: identity file /home/utente/.ssh/id_ed25519-cert type -1
    debug1: identity file /home/utente/.ssh/id_ed25519_sk type -1
    debug1: identity file /home/utente/.ssh/id_ed25519_sk-cert type -1
    debug1: identity file /home/utente/.ssh/id_xmss type -1
    debug1: identity file /home/utente/.ssh/id_xmss-cert type -1
    debug1: identity file /home/utente/.ssh/id_dsa type -1
    debug1: identity file /home/utente/.ssh/id_dsa-cert type -1
    debug1: Local version string SSH-2.0-OpenSSH_9.3
    debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1
    Debian-5+deb11u1
    debug1: compat_banner: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH*
    compat 0x04000000
    debug1: Authenticating to dominio.org:22 as 'utente'
    debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file
    or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
    directory
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: algorithm: curve25519-sha256
    debug1: kex: host key algorithm: ssh-ed25519
    debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC:
    <implicit> compression: none
    debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC:
    <implicit> compression: none
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: SSH2_MSG_KEX_ECDH_REPLY received
    debug1: Server host key: ssh-ed25519
    SHA256:/6jSA7Pc5b3+/ashKdTnDbiF0VF8VE4rxaKTzl6e+Z8
    debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file
    or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
    directory
    debug1: Host 'dominio.org' is known and matches the ED25519 host key.
    debug1: Found key in /home/utente/.ssh/known_hosts:343
    debug1: rekey out after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: rekey in after 134217728 blocks
    debug1: get_agent_identities: bound agent to hostkey
    debug1: get_agent_identities: agent returned 2 keys
    debug1: Will attempt key: /home/utente/.ssh/id_ed25519 ED25519
    SHA256:ID_DELLA_CHIAVE_ED25519 agent
    debug1: Will attempt key: /home/utente/.ssh/id_rsa RSA
    SHA256:ID_DELLA_CHIAVE_RSA agent
    debug1: Will attempt key: /home/utente/.ssh/id_ecdsa
    debug1: Will attempt key: /home/utente/.ssh/id_ecdsa_sk
    debug1: Will attempt key: /home/utente/.ssh/id_ed25519_sk
    debug1: Will attempt key: /home/utente/.ssh/id_xmss
    debug1: Will attempt key: /home/utente/.ssh/id_dsa
    debug1: SSH2_MSG_EXT_INFO received
    debug1: kex_input_ext_info:
    server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com ,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
    sk-ecdsa-sha2-nistp256@openssh.com, webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Offering public key: /home/utente/.ssh/id_ed25519 ED25519
    SHA256:ID_DELLA_CHIAVE_ED25519 agent
    debug1: Authentications that can continue: publickey
    debug1: Offering public key: /home/utente/.ssh/id_rsa RSA
    SHA256:ID_DELLA_CHIAVE_RSA agent
    debug1: Authentications that can continue: publickey
    debug1: Trying private key: /home/utente/.ssh/id_ecdsa
    debug1: Trying private key: /home/utente/.ssh/id_ecdsa_sk
    debug1: Trying private key: /home/utente/.ssh/id_ed25519_sk
    debug1: Trying private key: /home/utente/.ssh/id_xmss
    debug1: Trying private key: /home/utente/.ssh/id_dsa
    debug1: No more authentication methods to try.
    utente@dominio.org: Permission denied (publickey).

    Ovviamente le chiavi rsa e ed25519 sembrerebbero al loro posto sul server.

    --
    ciao
    leandro



    <div dir="auto"><div data-smartmail="gmail_signature">Sembra che non trovi /home/utente/.ssh/know_host... </div><div data-smartmail="gmail_signature" dir="auto">forse sarà per quello. Puoi provare ad aggiungere un altra chiave? </div></div><br><div
    class="gmail_quote"><div dir="ltr" class="gmail_attr">Il gio 20 lug 2023, 11:57 Leandro Noferini &lt;<a href="mailto:lnoferin@cybervalley.org" target="_blank" rel="noreferrer">lnoferin@cybervalley.org</a>&gt; ha scritto:<br></div><blockquote class="gmail_
    quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Ciao a tutti,<br>

    ho un server ssh al quale mi connetto regolarmente da molti client ma non riesco<br>
    da uno in particolare e non capisco perché. Il server accetta esclusivamente<br>
    autenticazione via chiave.<br>

    Se provo a collegarmi al server dal client problematico ho questo log<br> (anonimizzato, ovviamente) nel quale non riesco a trovare errori:<br>

        ~  ssh -v <a href="http://dominio.org" rel="noreferrer noreferrer noreferrer" target="_blank">dominio.org</a><br>
     OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023<br>
     debug1: Reading configuration data /home/utente/.ssh/config<br>
     debug1: Reading configuration data /etc/ssh/ssh_config<br>
     debug1: Connecting to <a href="http://dominio.org" rel="noreferrer noreferrer noreferrer" target="_blank">dominio.org</a> [IP.IP.IP.IP] port 22.<br>
     debug1: Connection established.<br>
     debug1: identity file /home/utente/.ssh/id_rsa type 0<br>
     debug1: identity file /home/utente/.ssh/id_rsa-cert type -1<br>
     debug1: identity file /home/utente/.ssh/id_ecdsa type -1<br>
     debug1: identity file /home/utente/.ssh/id_ecdsa-cert type -1<br>
     debug1: identity file /home/utente/.ssh/id_ecdsa_sk type -1<br>
     debug1: identity file /home/utente/.ssh/id_ecdsa_sk-cert type -1<br>  debug1: identity file /home/utente/.ssh/id_ed25519 type 3<br>
     debug1: identity file /home/utente/.ssh/id_ed25519-cert type -1<br>
     debug1: identity file /home/utente/.ssh/id_ed25519_sk type -1<br>
     debug1: identity file /home/utente/.ssh/id_ed25519_sk-cert type -1<br>  debug1: identity file /home/utente/.ssh/id_xmss type -1<br>
     debug1: identity file /home/utente/.ssh/id_xmss-cert type -1<br>
     debug1: identity file /home/utente/.ssh/id_dsa type -1<br>
     debug1: identity file /home/utente/.ssh/id_dsa-cert type -1<br>
     debug1: Local version string SSH-2.0-OpenSSH_9.3<br>
     debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1<br>
     Debian-5+deb11u1<br>
     debug1: compat_banner: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH*<br>  compat 0x04000000<br>
     debug1: Authenticating to <a href="http://dominio.org:22" rel="noreferrer noreferrer noreferrer" target="_blank">dominio.org:22</a> as &#39;utente&#39;<br>
     debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file or<br>
     directory<br>
     debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or<br>  directory<br>
     debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or<br>  directory<br>
     debug1: SSH2_MSG_KEXINIT sent<br>
     debug1: SSH2_MSG_KEXINIT received<br>
     debug1: kex: algorithm: curve25519-sha256<br>
     debug1: kex: host key algorithm: ssh-ed25519<br>
     debug1: kex: server-&gt;client cipher: <a href="mailto:chacha20-poly1305@openssh.com" rel="noreferrer noreferrer" target="_blank">chacha20-poly1305@openssh.com</a> MAC:<br>
     &lt;implicit&gt; compression: none<br>
     debug1: kex: client-&gt;server cipher: <a href="mailto:chacha20-poly1305@openssh.com" rel="noreferrer noreferrer" target="_blank">chacha20-poly1305@openssh.com</a> MAC:<br>
     &lt;implicit&gt; compression: none<br>
     debug1: expecting SSH2_MSG_KEX_ECDH_REPLY<br>
     debug1: SSH2_MSG_KEX_ECDH_REPLY received<br>
     debug1: Server host key: ssh-ed25519<br>  SHA256:/6jSA7Pc5b3+/ashKdTnDbiF0VF8VE4rxaKTzl6e+Z8<br>
     debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file or<br>
     directory<br>
     debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or<br>  directory<br>
     debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or<br>  directory<br>
     debug1: Host &#39;<a href="http://dominio.org" rel="noreferrer noreferrer noreferrer" target="_blank">dominio.org</a>&#39; is known and matches the ED25519 host key.<br>
     debug1: Found key in /home/utente/.ssh/known_hosts:343<br>
     debug1: rekey out after 134217728 blocks<br>
     debug1: SSH2_MSG_NEWKEYS sent<br>
     debug1: expecting SSH2_MSG_NEWKEYS<br>
     debug1: SSH2_MSG_NEWKEYS received<br>
     debug1: rekey in after 134217728 blocks<br>
     debug1: get_agent_identities: bound agent to hostkey<br>
     debug1: get_agent_identities: agent returned 2 keys<br>
     debug1: Will attempt key: /home/utente/.ssh/id_ed25519 ED25519<br>  SHA256:ID_DELLA_CHIAVE_ED25519 agent<br>
     debug1: Will attempt key: /home/utente/.ssh/id_rsa RSA<br>  SHA256:ID_DELLA_CHIAVE_RSA agent<br>
     debug1: Will attempt key: /home/utente/.ssh/id_ecdsa <br>
     debug1: Will attempt key: /home/utente/.ssh/id_ecdsa_sk <br>
     debug1: Will attempt key: /home/utente/.ssh/id_ed25519_sk <br>
     debug1: Will attempt key: /home/utente/.ssh/id_xmss <br>
     debug1: Will attempt key: /home/utente/.ssh/id_dsa <br>
     debug1: SSH2_MSG_EXT_INFO received<br>
     debug1: kex_input_ext_info:<br>
     server-sig-algs=&lt;ssh-ed25519,<a href="mailto:sk-ssh-ed25519@openssh.com" rel="noreferrer noreferrer" target="_blank">sk-ssh-ed25519@openssh.com</a>,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,
    <a href="mailto:sk-ecdsa-sha2-nistp256@openssh.com" rel="noreferrer noreferrer" target="_blank">sk-ecdsa-sha2-nistp256@openssh.com</a>,<a href="mailto:webauthn-sk-ecdsa-sha2-nistp256@openssh.com" rel="noreferrer noreferrer" target="_blank">webauthn-sk-
    ecdsa-sha2-nistp256@openssh.com</a>&gt;<br>
     debug1: SSH2_MSG_SERVICE_ACCEPT received<br>
     debug1: Authentications that can continue: publickey<br>
     debug1: Next authentication method: publickey<br>
     debug1: Offering public key: /home/utente/.ssh/id_ed25519 ED25519<br>  SHA256:ID_DELLA_CHIAVE_ED25519 agent<br>
     debug1: Authentications that can continue: publickey<br>
     debug1: Offering public key: /home/utente/.ssh/id_rsa RSA<br>  SHA256:ID_DELLA_CHIAVE_RSA agent<br>
     debug1: Authentications that can continue: publickey<br>
     debug1: Trying private key: /home/utente/.ssh/id_ecdsa<br>
     debug1: Trying private key: /home/utente/.ssh/id_ecdsa_sk<br>
     debug1: Trying private key: /home/utente/.ssh/id_ed25519_sk<br>
     debug1: Trying private key: /home/utente/.ssh/id_xmss<br>
     debug1: Trying private key: /home/utente/.ssh/id_dsa<br>
     debug1: No more authentication methods to try.<br>
     <a href="mailto:utente@dominio.org" rel="noreferrer noreferrer" target="_blank">utente@dominio.org</a>: Permission denied (publickey).<br>

    Ovviamente le chiavi rsa e ed25519 sembrerebbero al loro posto sul server.<br>

    -- <br>
    ciao<br>
    leandro<br>

    </blockquote></div>

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Federico Di Gregorio@21:1/5 to Leandro Noferini on Thu Jul 20 14:30:01 2023
    Vedo che stai usando un client nuovo (OpenSSH_9.3p1) per connetterti ad
    un server "vecchio" (OpenSSH_8.4p1). Dalla versione 8.8p1 sono stati disattivati alcuni algoritmi considerati poco sicuri. Puoi provare ad abilitarli per quell'host in .ssh/config (sul client):

    Host dominio.org
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa

    Ciao,

    federico


    On 20/07/23 11:56, Leandro Noferini wrote:
    Ciao a tutti,

    ho un server ssh al quale mi connetto regolarmente da molti client ma non riesco
    da uno in particolare e non capisco perché. Il server accetta esclusivamente autenticazione via chiave.

    Se provo a collegarmi al server dal client problematico ho questo log (anonimizzato, ovviamente) nel quale non riesco a trovare errori:

       ~  ssh -v dominio.org
    OpenSSH_9.3p1, OpenSSL 3.1.1 30 May 2023
    debug1: Reading configuration data /home/utente/.ssh/config
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Connecting to dominio.org [IP.IP.IP.IP] port 22.
    debug1: Connection established.
    debug1: identity file /home/utente/.ssh/id_rsa type 0
    debug1: identity file /home/utente/.ssh/id_rsa-cert type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa-cert type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa_sk type -1
    debug1: identity file /home/utente/.ssh/id_ecdsa_sk-cert type -1
    debug1: identity file /home/utente/.ssh/id_ed25519 type 3
    debug1: identity file /home/utente/.ssh/id_ed25519-cert type -1
    debug1: identity file /home/utente/.ssh/id_ed25519_sk type -1
    debug1: identity file /home/utente/.ssh/id_ed25519_sk-cert type -1
    debug1: identity file /home/utente/.ssh/id_xmss type -1
    debug1: identity file /home/utente/.ssh/id_xmss-cert type -1
    debug1: identity file /home/utente/.ssh/id_dsa type -1
    debug1: identity file /home/utente/.ssh/id_dsa-cert type -1
    debug1: Local version string SSH-2.0-OpenSSH_9.3
    debug1: Remote protocol version 2.0, remote software version OpenSSH_8.4p1
    Debian-5+deb11u1
    debug1: compat_banner: match: OpenSSH_8.4p1 Debian-5+deb11u1 pat OpenSSH*
    compat 0x04000000
    debug1: Authenticating to dominio.org:22 as 'utente'
    debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
    directory
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: algorithm: curve25519-sha256
    debug1: kex: host key algorithm: ssh-ed25519
    debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC:
    <implicit> compression: none
    debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC:
    <implicit> compression: none
    debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
    debug1: SSH2_MSG_KEX_ECDH_REPLY received
    debug1: Server host key: ssh-ed25519
    SHA256:/6jSA7Pc5b3+/ashKdTnDbiF0VF8VE4rxaKTzl6e+Z8
    debug1: load_hostkeys: fopen /home/utente/.ssh/known_hosts2: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or
    directory
    debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or
    directory
    debug1: Host 'dominio.org' is known and matches the ED25519 host key.
    debug1: Found key in /home/utente/.ssh/known_hosts:343
    debug1: rekey out after 134217728 blocks
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: rekey in after 134217728 blocks
    debug1: get_agent_identities: bound agent to hostkey
    debug1: get_agent_identities: agent returned 2 keys
    debug1: Will attempt key: /home/utente/.ssh/id_ed25519 ED25519
    SHA256:ID_DELLA_CHIAVE_ED25519 agent
    debug1: Will attempt key: /home/utente/.ssh/id_rsa RSA
    SHA256:ID_DELLA_CHIAVE_RSA agent
    debug1: Will attempt key: /home/utente/.ssh/id_ecdsa
    debug1: Will attempt key: /home/utente/.ssh/id_ecdsa_sk
    debug1: Will attempt key: /home/utente/.ssh/id_ed25519_sk
    debug1: Will attempt key: /home/utente/.ssh/id_xmss
    debug1: Will attempt key: /home/utente/.ssh/id_dsa
    debug1: SSH2_MSG_EXT_INFO received
    debug1: kex_input_ext_info:
    server-sig-algs=<ssh-ed25519,sk-ssh-ed25519@openssh.com,ssh-rsa,rsa-sha2-256,rsa-sha2-512,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ecdsa-sha2-nistp256@openssh.com,webauthn-sk-ecdsa-sha2-nistp256@openssh.com>
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey
    debug1: Next authentication method: publickey
    debug1: Offering public key: /home/utente/.ssh/id_ed25519 ED25519
    SHA256:ID_DELLA_CHIAVE_ED25519 agent
    debug1: Authentications that can continue: publickey
    debug1: Offering public key: /home/utente/.ssh/id_rsa RSA
    SHA256:ID_DELLA_CHIAVE_RSA agent
    debug1: Authentications that can continue: publickey
    debug1: Trying private key: /home/utente/.ssh/id_ecdsa
    debug1: Trying private key: /home/utente/.ssh/id_ecdsa_sk
    debug1: Trying private key: /home/utente/.ssh/id_ed25519_sk
    debug1: Trying private key: /home/utente/.ssh/id_xmss
    debug1: Trying private key: /home/utente/.ssh/id_dsa
    debug1: No more authentication methods to try.
    utente@dominio.org: Permission denied (publickey).

    Ovviamente le chiavi rsa e ed25519 sembrerebbero al loro posto sul server.


    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Leandro Noferini@21:1/5 to All on Thu Jul 20 14:20:01 2023
    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Leandro Noferini@21:1/5 to All on Thu Jul 20 17:30:01 2023
    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Leandro Noferini@21:1/5 to Leandro Noferini on Fri Jul 21 10:10:01 2023
    Leandro Noferini <lnoferin@cybervalley.org> writes:

    ho un server ssh al quale mi connetto regolarmente da molti client ma non riesco

    [...]

    Ovviamente le chiavi rsa e ed25519 sembrerebbero al loro posto sul server.

    Ho provato anche a cancellare la directory .ssh del client e rifarne una
    nuova con solo le chiavi pubbliche/private ma il risultato rimane sempre
    lo stesso.

    --
    Ciao
    leandro

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Leandro Noferini@21:1/5 to Federico Di Gregorio on Fri Jul 21 10:30:01 2023
    Federico Di Gregorio <fog@dndg.it> writes:

    Vedo che stai usando un client nuovo (OpenSSH_9.3p1) per connetterti ad un server "vecchio" (OpenSSH_8.4p1). Dalla versione 8.8p1 sono stati disattivati alcuni algoritmi considerati poco sicuri. Puoi provare ad abilitarli per quell'host in .ssh/config (sul client):

    Host dominio.org
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa

    Macché, neanche questa cosa ha funzionato.

    --
    Ciao
    leandro

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Federico Di Gregorio@21:1/5 to Leandro Noferini on Fri Jul 21 11:20:02 2023
    On 21/07/23 10:04, Leandro Noferini wrote:
    Federico Di Gregorio <fog@dndg.it> writes:

    Vedo che stai usando un client nuovo (OpenSSH_9.3p1) per connetterti ad un >> server "vecchio" (OpenSSH_8.4p1). Dalla versione 8.8p1 sono stati disattivati
    alcuni algoritmi considerati poco sicuri. Puoi provare ad abilitarli per
    quell'host in .ssh/config (sul client):

    Host dominio.org
    HostkeyAlgorithms +ssh-rsa
    PubkeyAcceptedAlgorithms +ssh-rsa

    Macché, neanche questa cosa ha funzionato.

    Riesci a farci avere il log del server?

    federico

    --
    Federico Di Gregorio federico.digregorio@dndg.it
    DNDG srl http://dndg.it
    Best friends are often failed lovers. -- Me

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Leandro Noferini@21:1/5 to Leandro Noferini on Fri Jul 21 16:50:01 2023
    Leandro Noferini <lnoferin@cybervalley.org> writes:

    Ciao a tutti,

    Ho risolto: era un problema di redirezione delle porte da parte del server di ingresso: come si dice in questi casi, se niente di evidente funziona, cambia prospettiva.

    Grazie a tutti per l'aiuto!

    --
    Ciao
    leandro

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Marco Gaiarin@21:1/5 to All on Fri Jul 21 20:50:01 2023
    Mandi! Federico Di Gregorio
    In chel di` si favelave...

    Riesci a farci avere il log del server?

    Si, a questo punto sono indispensabili.

    Una idea che mi viene in mente è che dall'altra parte la chiave abbia una limitazone (from="") e che magari sia cambiato l'IP da dove cerchi di connetterti...

    --
    Solo una sana e consapevole libidine
    salva il giovane dagli SCOUT e dall'Azione Cattolica!
    (Zucchero, circa O;-)

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)