1

we have BoKS authentication where public key is placed in BoKS db and private key is mapped in putty and pushing it through pageant.

issue:

working for some servers and for some not (observation: working for servers which are not logged in earlier)

upon taking dumps between two observed that, non-working scenario doesn't have publickey coming as incoming packet.

working:

Incoming Packet #0x5, type 51 / 0x33 (SSH2_MSG_USERAUTH_FAILURE)
  00000000  00 00 00 1e 70 75 62 6c 69 63 6b 65 79 2c 6b 65   ....publickkey,ke
  00000010  79 62 6f 61 72 64 2d 69 6e 74 65 72 61 63 74 69   yboard-interacti
  00000020  76 65 00

Non-working:

Incoming packet #0x5 type 51 / 0x33 (SSH2_MSG_USERAUTH_FAILURE)
  00000000  00 00 00 14 6b 65 79 62 6f 61 72 64 2d 69 6e 74   ....keyboard-int
  00000010  65 72 61 63 74 69 76 65 00                        eractive.

Any clues/suggestions?

Thanks in Advance.

hariram manohar
  • 11
  • 1
  • The non-working clients seem to not be configured with the right key, so this option is missing and only the interactive password option is left. The server is probably configured with "PasswordAuthentication no", so authentication fails. I suggest to reinstall the key on these clients. I don't know BoKS, so cannot advise here. – harrymc Dec 28 '20 at 10:36
  • BoKS means clients no need to configure with public key. it will fetch from db which is one across enterprise, servers configuration also i have checked as per articles on internet i didnt find difference much. – hariram manohar Dec 29 '20 at 03:28
  • if any specific configuration is mentioned, i can cross check – hariram manohar Dec 29 '20 at 03:29
  • can someone guide ? where can i check. – hariram manohar Dec 31 '20 at 03:17

1 Answers1

0

issue is resolved. non-working servers are on different BoKS domain altogether, pushed keys to the other domain. now its working.

Thanks.

hariram manohar
  • 11
  • 1