14

I'm having trouble connecting via ssh from ruby using the 'net-ssh' gem, getting Net::SSH::AuthenticationFailed. The code is below

require 'net/ssh'
keys = ["path_to_private_key"]
Net::SSH.start('host', 'user',:keys => keys, :verbose => :debug) do |ssh|
  #ssh code

end

Using ssh directly from the command line works:

ssh -i <path_to_private_key> user@host

Do I have the the ssh API wrong? I have tried both 'user@host' and just 'user' as the username with the same result.

Here is the debugging output:

D, [2011-07-26T19:42:00.135148 #3511] DEBUG -- net.ssh.transport.session[140b040]: establishing connection to host:22
D, [2011-07-26T19:42:00.164190 #3511] DEBUG -- net.ssh.transport.session[140b040]: connection established
I, [2011-07-26T19:42:00.164344 #3511]  INFO -- net.ssh.transport.server_version[140a3fc]: negotiating protocol version
D, [2011-07-26T19:42:00.192092 #3511] DEBUG -- net.ssh.transport.server_version[140a3fc]: remote is `SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu3'
D, [2011-07-26T19:42:00.192177 #3511] DEBUG -- net.ssh.transport.server_version[140a3fc]: local is `SSH-2.0-Ruby/Net::SSH_2.1.4 x86_64-linux'
D, [2011-07-26T19:42:00.212348 #3511] DEBUG -- tcpsocket[140aaf0]: read 784 bytes
D, [2011-07-26T19:42:00.212461 #3511] DEBUG -- tcpsocket[140aaf0]: received packet nr 0 type 20 len 780
I, [2011-07-26T19:42:00.212515 #3511]  INFO -- net.ssh.transport.algorithms[13e9058]: got KEXINIT from server
I, [2011-07-26T19:42:00.212604 #3511]  INFO -- net.ssh.transport.algorithms[13e9058]: sending KEXINIT
D, [2011-07-26T19:42:00.212698 #3511] DEBUG -- tcpsocket[140aaf0]: queueing packet nr 0 type 20 len 556
D, [2011-07-26T19:42:00.212741 #3511] DEBUG -- tcpsocket[140aaf0]: sent 560 bytes
I, [2011-07-26T19:42:00.212771 #3511]  INFO -- net.ssh.transport.algorithms[13e9058]: negotiating algorithms
D, [2011-07-26T19:42:00.212859 #3511] DEBUG -- net.ssh.transport.algorithms[13e9058]: negotiated:
* kex: diffie-hellman-group-exchange-sha1
* host_key: ssh-rsa
* encryption_server: aes128-cbc
* encryption_client: aes128-cbc
* hmac_client: hmac-sha1
* hmac_server: hmac-sha1
* compression_client: none
* compression_server: none
* language_client: 
* language_server: 
D, [2011-07-26T19:42:00.212889 #3511] DEBUG -- net.ssh.transport.algorithms[13e9058]: exchanging keys
D, [2011-07-26T19:42:00.212998 #3511] DEBUG -- tcpsocket[140aaf0]: queueing packet nr 1 type 34 len 20
D, [2011-07-26T19:42:00.213033 #3511] DEBUG -- tcpsocket[140aaf0]: sent 24 bytes
D, [2011-07-26T19:42:00.292238 #3511] DEBUG -- tcpsocket[140aaf0]: read 152 bytes
D, [2011-07-26T19:42:00.292389 #3511] DEBUG -- tcpsocket[140aaf0]: received packet nr 1 type 31 len 148
D, [2011-07-26T19:42:00.297526 #3511] DEBUG -- tcpsocket[140aaf0]: queueing packet nr 2 type 32 len 140
D, [2011-07-26T19:42:00.297627 #3511] DEBUG -- tcpsocket[140aaf0]: sent 144 bytes
D, [2011-07-26T19:42:00.321754 #3511] DEBUG -- tcpsocket[140aaf0]: read 720 bytes
D, [2011-07-26T19:42:00.321909 #3511] DEBUG -- tcpsocket[140aaf0]: received packet nr 2 type 33 len 700
D, [2011-07-26T19:42:00.326688 #3511] DEBUG -- tcpsocket[140aaf0]: queueing packet nr 3 type 21 len 20
D, [2011-07-26T19:42:00.326793 #3511] DEBUG -- tcpsocket[140aaf0]: sent 24 bytes
D, [2011-07-26T19:42:00.326927 #3511] DEBUG -- tcpsocket[140aaf0]: received packet nr 3 type 21 len 12
D, [2011-07-26T19:42:00.327325 #3511] DEBUG -- net.ssh.authentication.session[1475c10]: beginning authentication of `user@host'
D, [2011-07-26T19:42:00.327519 #3511] DEBUG -- tcpsocket[140aaf0]: queueing packet nr 4 type 5 len 28
D, [2011-07-26T19:42:00.327604 #3511] DEBUG -- tcpsocket[140aaf0]: sent 52 bytes
D, [2011-07-26T19:42:00.461124 #3511] DEBUG -- tcpsocket[140aaf0]: read 52 bytes
D, [2011-07-26T19:42:00.461199 #3511] DEBUG -- tcpsocket[140aaf0]: received packet nr 4 type 6 len 28
D, [2011-07-26T19:42:00.461260 #3511] DEBUG -- net.ssh.authentication.session[1475c10]: trying publickey
D, [2011-07-26T19:42:00.461370 #3511] DEBUG -- net.ssh.authentication.agent[1470800]: connecting to ssh-agent
E, [2011-07-26T19:42:00.461423 #3511] ERROR -- net.ssh.authentication.agent[1470800]: could not connect to ssh-agent
D, [2011-07-26T19:42:00.461521 #3511] DEBUG -- net.ssh.authentication.methods.publickey[1470bfc]: trying publickey (d7:62:48:07:23:1d:c0:de:80:0d:27:a3:ab:92:72:be)
D, [2011-07-26T19:42:00.461610 #3511] DEBUG -- tcpsocket[140aaf0]: queueing packet nr 5 type 50 len 364
D, [2011-07-26T19:42:00.461648 #3511] DEBUG -- tcpsocket[140aaf0]: sent 388 bytes
D, [2011-07-26T19:42:00.486881 #3511] DEBUG -- tcpsocket[140aaf0]: read 68 bytes
D, [2011-07-26T19:42:00.487057 #3511] DEBUG -- tcpsocket[140aaf0]: received packet nr 5 type 51 len 44
D, [2011-07-26T19:42:00.487186 #3511] DEBUG -- net.ssh.authentication.session[1475c10]: allowed methods: publickey,password
D, [2011-07-26T19:42:00.487261 #3511] DEBUG -- net.ssh.authentication.session[1475c10]: trying password
E, [2011-07-26T19:42:00.487346 #3511] ERROR -- net.ssh.authentication.session[1475c10]: all authorization methods failed (tried publickey, password)

Thanks

Improve this question
2
  • Your code should work, are you sure the "path_to_private_key" is correct in your Ruby code? What does the debugging output show? Commented Jul 26, 2011 at 18:58
  • @jeff-dallien I added the output to the question. Commented Jul 26, 2011 at 20:09

2 Answers 2

Reset to default
12 
$ ssh-keygen -t rsa    
$ ssh-copy-id -i ~/.ssh/id_dsa.pub user@machine
$ ssh user@machine

require 'net/ssh'
require 'logger'

Net::SSH.start(
  'host', 'user',
  :host_key => "ssh-rsa",
  :encryption => "blowfish-cbc",
  :keys => [ "~/.ssh/id_rsa.pub" ],
   :compression => "zlib"
 ) do |session|
   ...
end

That must help you!

Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

Thanks, but by the time this question was answered I had long moved past the issue, and forgotten even that I asked it:)
Why does this work but not the original post? Does specifying the host_key, encryption, or compression do it, and if so why?
By the way the keys option in the example above implies that it is looking for a public key, it should be a private key.
This solution works but gives too little a reason as to why.
I know this is ancient at this point, however, I found that if you leave out the encryption, keys, and compression parameters, it still works. It appears to be using defaults for each of those. I think it must be using the id_rsa private key in my ~/.ssh directory by default--which would explain why it is working for some even though the public key is what is specified in the answer. That definitely shouldn't work from a crypto standpoint. If my public key is floating around and you can run commands on my servers via ssh using it, that would not be good--or secure.
0

Please see your error message

 E, [2011-07-26T19:42:00.461423 #3511] ERROR -- net.ssh.authentication.agent[1470800]: could not connect to ssh-agent

 could not connect to ssh-agent

Notice the E denoting the error.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.