Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSH Keys Failing #9

Open
nielsen opened this issue Nov 7, 2010 · 2 comments
Open

SSH Keys Failing #9

nielsen opened this issue Nov 7, 2010 · 2 comments

Comments

@nielsen
Copy link

nielsen commented Nov 7, 2010

My SOCKS proxy stopped working, so I went into terminal to see what was going on; the ssh -ND from SS was running, and Switchy! in Chrome thought I was in a SOCKS setup. I went to Network Pref, and I was in an "Untrusted Location" with the proper settings.

I went into the server I tunnel through, and when in auth.log, I saw:

[sheepsafe checking my login; yes, it's good.]
Nov 6 21:53:43 SERVERHOST sshd[2102]: Accepted publickey for USERNAME from IP.ADD.RESS port 52448 ssh2
[me ssh-ing in to check the log]
Nov 6 21:55:33 SERVERHOST sshd[2106]: Accepted publickey for USERNAME from IP.ADD.RESS port 52454 ssh2
Nov 6 21:55:39 SERVERHOST sudo: USERNAME : TTY=pts/0 ; PWD=/home/USERNAME ; USER=root ; COMMAND=/usr/bin/tail /var/log/auth.log -f
[errors abound...]
Nov 6 22:00:13 SERVERHOST sshd[2141]: Failed password for USERNAME from IP.ADD.RESS port 52550 ssh2
Nov 6 22:00:13 SERVERHOST sshd[2141]: last message repeated 2 times
Nov 6 22:00:13 SERVERHOST sshd[1550]: error: connect_to luiendlfea: unknown host (Name or service not known)
Nov 6 22:00:14 SERVERHOST sshd[1550]: error: connect_to cdpkwpycrw: unknown host (Name or service not known)
Nov 6 22:00:14 SERVERHOST sshd[1550]: error: connect_to jgqrzqxvah: unknown host (Name or service not known)
Nov 6 22:00:15 SERVERHOST sshd[2143]: Failed password for USERNAME from IP.ADD.RESS port 52554 ssh2
Nov 6 22:00:16 SERVERHOST sshd[2143]: last message repeated 2 times
Nov 6 22:00:16 SERVERHOST sshd[2145]: Failed password for USERNAME from IP.ADD.RESS port 52557 ssh2
Nov 6 22:00:18 SERVERHOST sshd[2145]: last message repeated 2 times
Nov 6 22:00:18 SERVERHOST sshd[2147]: Failed password for USERNAME from IP.ADD.RESS port 52558 ssh2
Nov 6 22:00:19 SERVERHOST sshd[2147]: last message repeated 2 times
...continues

  • I know my keys work fine; I can ssh in normally.
  • SS knows my keys are fine, because when it calls them in the installation process (to confirm the viability of the proxy), I'm not prompted for a password.
  • I can execute the ssh -ND PORT user@host -p SpecialSSHPort command normally, and it works.

Perhaps it's a problem with the fork? What about explicitly calling Process.fork on ln 72, controller.rb
loop do pid = Process.fork do exec("ssh -ND #{@config.socks_port} #{@config.ssh_host}") end Process.waitpid(pid, 0) sleep 1 end
or using Net::SSH, which handles a password as a parameter:
`require 'net/ssh'
require 'net/ssh/proxy/socks5'

proxy = Net::SSH::Proxy::SOCKS5.new('localhost', config.port)
Net::SSH.start(config.remote_host, config.user, :password => config.pwd, :proxy => proxy) do |ssh|
...
end
`
but there's always the difficulty of how to store it; keychain, maybe?
@nielsen
Copy link
Author

nielsen commented Nov 7, 2010

The strange thing is sheepsafe proxy up works normally.

@nicksieger
Copy link
Owner

That's pretty weird. I myself use password-less login with the ssh key passphrase stored in the keychain.

We could certainly use keychain from within Sheepsafe if necessary using the security command-line tool.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@nicksieger @nielsen