Unable to authenticate to the remote server

Question

Unable to authenticate to the remote server

VishalGujela opened this issue 4 months ago · 4 comments

Hi,
I have been using netopeer2 version 2.2.28 with libnetconf 3.3.3.
Whenever im trying to connect with netopeer2 server im facing this authentication issue.
As i have read the previous similar issues and gone through them but not been able to setup the ssh connection between client and server.
Server Logs:

[INF]: SR: Session 105 (user "root", CID 25) created.
[INF]: SR: Triggering "ietf-netconf-server" "done" event on enabled data.
[INF]: LN: Listening on 0.0.0.0:830 for SSH connections.
[INF]: SR: Triggering "ietf-keystore" "done" event on enabled data.
[INF]: SR: Triggering "ietf-truststore" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: LN: Accepted a connection on 0.0.0.0:830 from 127.0.0.1:46702.
[INF]: LN: Received an SSH message "request-service" of subtype "ssh-userauth".
[INF]: LN: Received an SSH message "request-auth" of subtype "none".
[ERR]: LN: User "root" not known by the server.
[ERR]: LN: Communication SSH socket unexpectedly closed.

Client Logs:

connect --ssh --host localhost --port 830 --login amantya
nc ERROR: Unable to authenticate to the remote server (no supported authentication methods detected).

I have checked the xml ietf-netconf-server

<netconf-server xmlns="urn:ietf:params:xml:ns:yang:ietf-netconf-server">
  <listen>
    <endpoints>
      <endpoint>
        <name>default-ssh</name>
        <ssh>
          <tcp-server-parameters>
            <local-address>0.0.0.0</local-address>
          </tcp-server-parameters>
          <ssh-server-parameters>
            <server-identity>
              <host-key>
                <name>default-key</name>
                <public-key>
                  <central-keystore-reference>genkey</central-keystore-reference>
                </public-key>
              </host-key>
            </server-identity>
            <client-authentication>
              <users>
                <user>
                  <name>amantya</name>
                  <public-keys>
                    <use-system-keys xmlns="urn:cesnet:libnetconf2-netconf-server"/>
                  </public-keys>
                </user>
              </users>
            </client-authentication>
          </ssh-server-parameters>
        </ssh>
      </endpoint>
    </endpoints>
  </listen>
</netconf-server>

Please let me know if there's anything im missing.
Thanks

Answer 1 · 2024-09-16T10:09:00.000Z

This does not make sense, if you are trying to log as amantya, the server cannot print authentication problems of root. I do not think I can help you with this, are you sure it is the correct output and the actual command you have used?

Answer 2 · 2024-09-16T10:12:40.000Z

My bad i have copied the wrong logs

Here is the updated logs with time
Client Logs:
Mon 16 Sep 2024 10:11:34 AM UTC
amantya@vm88-04:/netopeer2-2.2.28$ cd build/
amantya@vm88-04:/netopeer2-2.2.28/build$ sudo ./netopeer2-cli
[sudo] password for amantya:
rootSorry, try again.
[sudo] password for amantya:

connect --ssh --host localhost --port 830 --login amantya
The authenticity of the host 'localhost' cannot be established.
ssh-rsa key fingerprint is 7b:68:91:06:00:83:7f:fa:7a:c8:a3:66:11:d3:61:0f:dc:47:25:7e.
Are you sure you want to continue connecting (yes/no)? yes
nc ERROR: Unable to authenticate to the remote server (no supported authentication methods detected).
cmd_connect: Connecting to the localhost:830 as user "amantya" failed.

Server Logs
sudo ./netopeer2-server -d -v3
[INF]: SR: Connection 30 created.
[INF]: SR: Session 137 (user "root", CID 30) created.
[INF]: SR: Triggering "ietf-netconf-server" "done" event on enabled data.
[INF]: LN: Listening on 0.0.0.0:830 for SSH connections.
[INF]: SR: Triggering "ietf-keystore" "done" event on enabled data.
[INF]: SR: Triggering "ietf-truststore" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: SR: Triggering "ietf-netconf-acm" "done" event on enabled data.
[INF]: LN: Accepted a connection on 0.0.0.0:830 from 127.0.0.1:43492.
[INF]: LN: Received an SSH message "request-service" of subtype "ssh-userauth".
[INF]: LN: Received an SSH message "request-auth" of subtype "none".
[ERR]: LN: Communication SSH socket unexpectedly closed.

Answer 3 · 2024-09-16T10:18:43.000Z

This is a different output. But firstly, please do not run netopeer2-cli as root, there is no reason to. So, based on the server configuration, you can only use public keys to authenticate. Have you set up any in the client? You can check using auth keys. Use just auth to see how to add SSH keys, for example.

Answer 4 · 2024-09-16T10:27:54.000Z

Thanks @michalvasko
After adding auth key the ssh connection established.