Our lab's compute cluster has a two-interface 'gateway' machine which we use to access the cluster nodes. Call this gateway1.publicdomain.com. Normally I access this machine from my laptop, laptop.anydomain.com like this:
ssh joe@gateway1.publicdomain.com
I have set up a public key in .ssh/id_rsa.pub on laptop, and copied that to .ssh/authorized_keys on gateway1. Ordinarily this works fine.
Today I am using a public access point rather than my usual work connection. When I do
ssh joe@gateway1.publicdomain.com
I get the response:
Permission denied (publickey,gssapi-with-mic).
Apparently it won't accept my id_rsa credentials (Problem 1) and I am not prompted for a password (Problem 2) even though ordinarily when I log in from a previously unknown host I am prompted for a password.
I am still able to ssh to gateway1 from another machine (call it otherhost.otherdomain.com) without problem, either with password or (after setting up the relevant id_rsa* files) with publickey authentication. I can also log into otherhost itself using publickey credentials from laptop, so I know there's nothing fundamentally broken about laptop's ssh setup.
Finally, even when I delete my public key form .ssh/authorized_keys on gateway1, I still get the same "Permission denied" message and no password prompt.
So I guess my question is, what can cause gateway1 to reject my publickey credentials from my laptop, and prevent password login, but not from another host? I have confirmed that the id_rsa.pub on laptop and authorized_keys on gateway1 are in sync.
EDIT: I haven't been able to duplicate the problem since I originally posted, because it only happened when I was connected to a particular wireless access point (not belonging to me or to my lab). I still don't know how this could occur.
No comments:
Post a Comment