The authentication via RSA/DES key is somehow broken. Sometimes it works, sometimes it does'nt. For example, I try to login to a remot host and ssh will ask for me pass phrase (even tough I added the key to the ssh-agent, and ssh-add -l shows that it is there) and fail even tough I enter the correct pass phrase. If I press CRL+C and try again, it might work fine (without asking for the pass phrase). It's purely random. Sometimes it doesn't work at all.
WIthout further debugging (ssh -v -v -v, sshd -d -d -d), this is untraceable.
It looks like the problem is on the server: ---------------------------------------------- debug: Trying RSA authentication via agent with 'gerald@soliton' debug: Server refused our key. debug: RSA authentication using agent refused. debug: Trying RSA authentication with key 'gerald@soliton' debug: Received RSA challenge from server. Enter passphrase for RSA key 'gerald@soliton': debug: Sending response to host key RSA challenge. debug: Remote: RSA authentication accepted. debug: RSA authentication accepted by server. debug: Requesting pty. debug: Requesting X11 forwarding with authentication spoofing. debug: Requesting authentication agent forwarding. debug: Requesting shell. debug: Entering interactive session. ----------------------------------------------- If I try again five seconds later it'll work: ----------------------------------------------- debug: Trying RSA authentication via agent with 'gerald@soliton' debug: Received RSA challenge from server. debug: Sending response to RSA challenge. debug: Remote: RSA authentication accepted. debug: RSA authentication accepted by server.
You haven't updated either server or the client OpenSSL to 0.9.6, have you?
I have found that RSAAuthentication just doesn't work using the openssh rpms packaged with 7.1. I got asked for a password every time, 'sshd -d -d' on the server and 'ssh -v -v' on the client don't show any attempt to use RSAAuthentication. I removed the Red Hat Linux 7.1 rpms and replaced them with openssh-2.5.2p2 from openssh.com on the server and still had the same problem. After replacing the Openssh on the client, the problems went away. I built openssh-2.5.2p2 from .src.rpm's with 'rpm -bb openssh.spec' after editing the spec file to disable building of the askpass packages.
Public Key Authentications w/ empty passphrase works for me just fine. Client is RHL71, the server either 2.3.0p1 or RHL62 with RHL7 errata 2.5.2p2 recompiled on RHL62.
The problem is no longer present with the current version (openssh-2.5.2p2-5).