From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 2280F139083 for ; Wed, 6 Dec 2017 10:51:55 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3B052E1138; Wed, 6 Dec 2017 10:51:49 +0000 (UTC) Received: from icp-osb-irony-out9.external.iinet.net.au (icp-osb-irony-out9.external.iinet.net.au [203.59.1.226]) by pigeon.gentoo.org (Postfix) with ESMTP id 34DEBE10CD for ; Wed, 6 Dec 2017 10:51:47 +0000 (UTC) X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A2B2FwCLyida/x+mO8tdGwEBAQEDAQEBC?= =?us-ascii?q?QEBAYM9aTY1hCmaciaXGYIBCoU7AoVQQxQBAQEBAQEBAQFrKIUjAQUjZgsNCwI?= =?us-ascii?q?CEQMSAgJXEwgBAYoeqgGCJyECii8BMYEPhh2CEguCd4FJAYMSL1UNAoJHgmMFi?= =?us-ascii?q?j6IXV+PA5UZjAwXhziWU4E4AjYigU5MHxmCZIJdggQ0iDaCIwEBAQ?= X-IPAS-Result: =?us-ascii?q?A2B2FwCLyida/x+mO8tdGwEBAQEDAQEBCQEBAYM9aTY1hCm?= =?us-ascii?q?aciaXGYIBCoU7AoVQQxQBAQEBAQEBAQFrKIUjAQUjZgsNCwICEQMSAgJXEwgBA?= =?us-ascii?q?YoeqgGCJyECii8BMYEPhh2CEguCd4FJAYMSL1UNAoJHgmMFij6IXV+PA5UZjAw?= =?us-ascii?q?XhziWU4E4AjYigU5MHxmCZIJdggQ0iDaCIwEBAQ?= X-IronPort-AV: E=Sophos;i="5.45,367,1508774400"; d="scan'208";a="31607669" Received: from unknown (HELO mail.vm.localdomain) ([203.59.166.31]) by icp-osb-irony-out9.iinet.net.au with ESMTP; 06 Dec 2017 18:51:31 +0800 Received: from localhost (localhost [127.0.0.1]) by mail.vm.localdomain (Postfix) with ESMTP id 93DE16C5F6 for ; Wed, 6 Dec 2017 18:51:31 +0800 (AWST) X-Virus-Scanned: amavisd-new at localdomain Received: from mail.vm.localdomain ([127.0.0.1]) by localhost (mail.vm.localdomain [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ia19JOvB0-Ul for ; Wed, 6 Dec 2017 18:51:25 +0800 (AWST) Received: from [192.168.44.7] (rattus.lan.localdomain [192.168.44.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: wdk) by mail.vm.localdomain (Postfix) with ESMTPSA id 0244B6C5F2 for ; Wed, 6 Dec 2017 18:51:24 +0800 (AWST) Subject: Re: [gentoo-user] Re: git wants a password to portage sync To: gentoo-user@lists.gentoo.org References: <970cdea8-836b-02a8-0ab7-e578693cb1cf@iinet.net.au> <3f822d43-9804-38ba-a7f9-0cdfa760d61e@iinet.net.au> <20171205223536.zt2dcyywxagmriq6@matica.foolinux.mooo.com> <92c56489-aebb-20c9-a098-cb315a023d71@gmail.com> From: Bill Kenworthy Message-ID: <3f6a4da3-565c-14ca-7882-f479e0ef8d7f@iinet.net.au> Date: Wed, 6 Dec 2017 18:51:24 +0800 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: <92c56489-aebb-20c9-a098-cb315a023d71@gmail.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-AU Content-Transfer-Encoding: 7bit X-Archives-Salt: b527c858-89e6-4ad5-8962-91a1fc86615e X-Archives-Hash: 27b29f56ddcbb326d49589dbdc131b1b On 06/12/17 06:43, Alan McKinnon wrote: > On 06/12/2017 00:35, Ian Zimmerman wrote: >> On 2017-12-06 05:53, Bill Kenworthy wrote: >> >>> No, all machines are set up as keyless ssh - git has never needed it >>> there. In frustration I created keys and set portage up as a keyless >>> ssh account as well, no change. >> >> ssh messages are sometimes misleading. For instance, ssh would say >> something like "pubkey authentication failed" when in fact I prohibited >> root logins on the server. >> >> I'd try connecting with bare ssh as the user in question, with maximum >> verbosity turned on (-vvv). >> > > > The error messages from the ssh client are, by design, intentionally > vague. They amount to a teeny bit more detail than just "something went > wrong", plus the available auth methods listed in parenthesis. > > This is because the sshd server avoids information leakage that > attackers could use. > > To find out why ssh does not work, start by looking at the server logs, > then examine the client is nothing obvious stands out. > Got it! Needed ssh keys for portage@remote from root@local. Its working but no idea why its only this machine that required it. Thanks, BillK