.ssh/config

[nabz0r Veteran]

Hey guys,

 

Having some weird problem with my .ssh/config file. Anyway, long story short, when I try to ssh to a machine that I have different username than my local machine it takes my local username and ssh with it, even though I have already specified the username (as below) but when I ssh to a machine that has the same username as my local machine it works without any problem. All others use secureCRT but I want to do it my way  

 

Host fw1
   HostName 1.1.1.1
   User wwk (this works as my tacacs username is the same my local machine)

Host rtr1
   Hostname 2.2.2.2
   User x1wwk (customer device which I have x1 at the front and doesn't work when I use ssh with out specifying username)

Host lnx-jump 
   Hostname 3.3.3.3
   User companywwk (this doesn't work either as I have to specify the username)

All input are welcome.

[+BudMan MVC]

take it this from a windows box since you mention securecrt that others are using.

 

You sure its reading your config file?  Do your ssh with -v so you get debug info..

 

Example, I have a host entry in my .ssh/config file and you can see that it read it and the path and finds my ubuntu entry

 

host ubuntu
hostname ubuntu.local.lan
user user

 

When I connect using it

 

[nabz0r Veteran]

I already tried with -v and I say my local username. Yesterday I changed permission to 600 in my config file and I just tried and it seems to be working from my Arch and Mac. 

I need to try this from my Ubuntu work laptop (I use linux full-time now) and see if it works when I change permission.

[+BudMan MVC]

yeah you specific perms set on the config file or it will not use it.

[nabz0r Veteran]

As I expected, it doesn't work on my Ubuntu. These have two different username x1wwk and balr0g but it still takes my local username.

The config file permission 600 just like my Arch and Mac.

OpenSSH_7.2p2 Ubuntu-4ubuntu2.2, OpenSSL 1.0.2g  1 Mar 2016
debug1: Reading configuration data /home/wwk/.ssh/config
debug1: /home/wwk2/.ssh/config line 668: Applying options for hawkeye
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Authenticating to 192.x.x.x:xx as 'wwk'
debug1: Next authentication method: password
wwk@192.x.x.x's password:

ssh -v wwk-fw1 
debug1: /home/wwk/.ssh/config line 388: Applying options for wwk-fw1
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 10.x.x.x [10.x.x.x] port xx.
debug1: Connection established.
debug1: Authenticating to 10.x.x.x:xx as 'wwk'
debug1: Host '10.x.x.x' is known and matches the RSA host key.
debug1: Found key in /home/wwk/.ssh/known_hosts:4
debug1: Next authentication method: password
wwk@10.x.x.x's password: 

 

Edited July 24, 2017 by Walid W.

[nabz0r Veteran]

Any other suggestions? Still not working as expected and it's getting a little annoying.

[+BudMan MVC]

debug1: /etc/ssh/ssh_config line 19: Applying options for *

 

That is a problem unless you obscured it on purpose?

 

There doesn't seem to be any options for

debug1: /home/wwk/.ssh/config line 388: Applying options for wwk-fw1

 

line 388 and 668 how fing big is your config??

[nabz0r Veteran]

No I haven't anything in purpose except IP addresses. Anyway this is what it is in my line 19:

It's very big 740 lines.

 

I have the same config file in my Arch and it works fine but Ubuntu just keeps ignoring my User in the config file.

18 ##############################################
 19 # XXX XXX DC1
 20 ##############################################
 21 Host somthing.net
 22     HostName 1x.x.x.x
 23     User wwk
 24 
 25 Host something.net
 26     HostName 1x.x.x.x
 27     User wwk

388 ##############################################
389 # XXX XXX DC5
390 ##############################################

688     User wwk

 

[GrayW]

5 minutes ago, nabz0r said:

It's very big 740 lines.

 

Holy s*** :D!

 

I'd always defer to @BudMan's knowledge over mine but is this something to look at?

 

debug1: Reading configuration data /home/wwk/.ssh/config

debug1: /home/wwk2/.ssh/config line 668: Applying options for hawkeye

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

 

It starts off grabbing your config data from .ssh/config and then also applies config from /ssh/ssh_config for *  (* being a generic host configuration, usually applied after specifics I think?)

 

Do you have some competing configuration options perhaps?

 

[+BudMan MVC]

yeah the * is odd like its not seeing what you have in your user config and is maybe using the one in /etc/?

 

What is in that config?  The one in /etc/ssh/ssh_config?  On line 19?

[nabz0r Veteran]

No the username is correct it is wwk not wwk2. Typo surely.

Yes, it is very weird it starts with .ssh/config then takes something from ssh/ssh_config.

No I don't have any other config file excpet the default /etc/ssh/ssh_config file which is the below code, nothing unusual. 

4 hours ago, GrayW said:

Holy s*** :D!

 

I'd always defer to @BudMan's knowledge over mine but is this something to look at?

 

debug1: Reading configuration data /home/wwk/.ssh/config

debug1: /home/wwk2/.ssh/config line 668: Applying options for hawkeye

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: /etc/ssh/ssh_config line 19: Applying options for *

 

It starts off grabbing your config data from .ssh/config and then also applies config from /ssh/ssh_config for *  (* being a generic host configuration, usually applied after specifics I think?)

 

Do you have some competing configuration options perhaps?

 

The line 19 in my ssh/_ssh_config is the default ssh config file.

I have already tried to uncomment Host * the same resault but this time it didn't apply anything from /etc/ssh/ssh_config

  2 # This is the ssh client system-wide configuration file.  See
  3 # ssh_config(5) for more information.  This file provides defaults for
  4 # users, and the values can be changed in per-user configuration files
  5 # or on the command line.
  6 
  7 # Configuration data is parsed as follows:
  8 #  1. command line options
  9 #  2. user-specific file
 10 #  3. system-wide file
 11 # Any configuration value is only changed the first time it is set.
 12 # Thus, host-specific definitions should be at the beginning of the
 13 # configuration file, and defaults at the end.
 14 
 15 # Site-wide defaults for some commonly used options.  For a comprehensive
 16 # list of available options, their meanings and defaults, please see the
 17 # ssh_config(5) man page.
 18 
 19 Host *
 20 #   ForwardAgent no

 

[nabz0r Veteran]

I just removed ssh and all its file but it's the same issue after I installed it. It still tries with the defualt username.

Anyway, after installing I don't see the /etc/ssh/ssh_config file anymore, I only have /etc/ssh/sshd_config this time. VERY strange.

 

I guess there is something spooky about Ubuntu, it works fine in my Arch. I guess I am going to re-install Arch my work machine, perhaps it's better to fix .1x cert for my Arch then working with this crap!

[+BudMan MVC]

That file is standard, and the host * is there on my ubuntu system.. But I can also create my own config and put in host and works just fine.

 

From my ubuntu system.

 

user@ubuntu:~/.ssh$ lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 14.04.5 LTS
Release:        14.04
Codename:       trusty
user@ubuntu:~/.ssh$ ls -la
total 24
drwxrwxr-x 2 user user 4096 Jul 25 21:16 .
drwxr-xr-x 7 user user 4096 Mar 25 08:10 ..
-rw-rw-r-- 1 user user   84 Jun 16  2016 authorized_keys
-rw-r--r-- 1 user user   47 Jul 25 21:21 config
-rw------- 1 user user 1679 Apr 12  2016 id_rsa
-rw-r--r-- 1 user user 1776 Jul 25 21:20 known_hosts
user@ubuntu:~/.ssh$ cat config
host pi
hostname pi.local.lan
user testconfig
user@ubuntu:~/.ssh$ ssh pi
testconfig@pi.local.lan's password:

user@ubuntu:~/.ssh$ ssh -v pi
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /home/user/.ssh/config
debug1: /home/user/.ssh/config line 1: Applying options for pi
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Hostname has changed; re-reading configuration
debug1: Reading configuration data /home/user/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to pi.local.lan [192.168.3.31] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.6.1p1 Ubuntu-2ubuntu2.8
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.7p1 Raspbian-5+deb8u3
debug1: match: OpenSSH_6.7p1 Raspbian-5+deb8u3 pat OpenSSH* compat 0x04000000
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1-etm@openssh.com none
debug1: kex: client->server aes128-ctr hmac-sha1-etm@openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA a0:cd:24:8c:b9:4d:a8:c4:06:42:86:a2:c6:a7:46:27
debug1: Host 'pi.local.lan' is known and matches the ECDSA host key.
debug1: Found key in /home/user/.ssh/known_hosts:7
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user/.ssh/id_rsa
debug1: key_parse_private2: missing begin marker
debug1: read PEM private key done: type RSA
debug1: Authentications that can continue: publickey,password
debug1: Trying private key: /home/user/.ssh/id_dsa
debug1: Trying private key: /home/user/.ssh/id_ecdsa
debug1: Trying private key: /home/user/.ssh/id_ed25519
debug1: Next authentication method: password
testconfig@pi.local.lan's password:

user@ubuntu:~/.ssh$

 

You can see what version of ubuntu I am running you can see that I am user on the box, I put in entry in my config file for user testconfig and just hit ssh pi, and that is the user account it uses, you can see from -v that its reading my config and the default config with the host * in there.. But there is no config in that /etc/ssh/config for for host *

 

You sure you have the same config?

21 Host somthing.net

22     HostName 1x.x.x.x

23     User wwk

 

You have fqdn there with something.net  for your host, if you don't call that name then it won't use that config.

[nabz0r Veteran]

[walwar@arch .ssh]$ ls -la
total 28
drwx------  2 walwar walwar  4096 26 jul 00.45 .
drwx------ 20 walwar walwar  4096 26 jul 10.00 ..
-rw-------  1 walwar walwar 13171 26 jul 00.28 config
-rw-r--r--  1 walwar walwar  1185 26 jul 10.01 known_hosts

Host wwk-sw1
    Hostname 10.2.2.250
    User balr0g

[walwar@arch .ssh]$ ping wwk-sw1 
PING wwk-sw1 (10.2.2.250) 56(84) bytes of data.
64 bytes from wwk-sw1 (10.2.2.250): icmp_seq=1 ttl=255 time=7.15 ms
64 bytes from wwk-sw1 (10.2.2.250): icmp_seq=2 ttl=255 time=6.20 ms

[walwar@arch .ssh]$ ssh -v wwk-sw1 
OpenSSH_7.5p1, OpenSSL 1.1.0f  25 May 2017
debug1: Reading configuration data /home/walwar/.ssh/config
debug1: /home/walwar/.ssh/config line 425: Applying options for wwk-sw1
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 10.2.2.250 [10.2.2.250] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/walwar/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.5
debug1: Remote protocol version 2.0, remote software version Cisco-1.25
debug1: match: Cisco-1.25 pat Cisco-1.* compat 0x60000000
debug1: Authenticating to 10.2.2.250:22 as 'walwar'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: diffie-hellman-group-exchange-sha1
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha1 compression: none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(2048<4096<8192) sent
debug1: got SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: got SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: ssh-rsa SHA256:SDFeefasdfuk4jsadi4419s/KIJGreru88324m
debug1: Host '10.2.2.250' is known and matches the RSA host key.
debug1: Found key in /home/walwar/.ssh/known_hosts:3
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_SERVICE_ACCEPT received

=========================================================================================
wwk-sw1.wardak.local
=========================================================================================
motd
=========================================================================================
debug1: Authentications that can continue: publickey,keyboard-interactive,password
debug1: Next authentication method: publickey
debug1: Trying private key: /home/walwar/.ssh/id_rsa
debug1: Trying private key: /home/walwar/.ssh/id_dsa
debug1: Trying private key: /home/walwar/.ssh/id_ecdsa
debug1: Trying private key: /home/walwar/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive

 I ended up installing Arch last night, and when I tested it last night it worked just fine and I was happy.

Today at it defaults to my local username as you can se. I haven't done anything weird except converted som certs and fixed my 802.1x to be able to surf nothing else.

 

 

[+BudMan MVC]

very odd indeed..  Your most likely going to have to get on a openssh board..

 

Says its reading and apply the correct settting, but then it goes and authenticates with wrong user name.

[nabz0r Veteran]

There is always something with Linux that makes me wonder why on earth I am making my life complicated but on the other hand I can do whatever I want to when I use Linux.

I am full time Linux-user both att home and work now since a year or so but I always had some kind of problem issue. There is no Visio, Pulse Secure didn't have any application to run on Linux, now they have it only for RedHat and Debian based distros.

 

Anyhow, thanks guys for troubleshooting the issue with me, always fun to troubleshoot with a fellow networker.

 

[+BudMan MVC]

Maybe there is a limit to the size of your config?  LONG shot.. or maybe there is something wrong with it?  Can you just put in your one entry or a few of them?  I can not duplicate your problem, and I use the config files all the time both on linux and windows.. openssh on windows makes it actually usable for my job.. Don't get me wrong securecrt and putty fine tools..   But securecrt is so far behind in the security aspect.. I have to use a closed private beta to get chacha20 support

 

Hit the mailing list or forums for openssh if anyone else has seen something like this.. I have tried to duplicate it and can not, and like I said have never seen such and issue and I use the config for this exact thing - but I only ever have a handful of entries in it for host.  Not some 600 lines

[nabz0r Veteran]

I don't think there is a limit as I have tried with only one host but it didn't work. I haven even changed the username of a working entry. Removed the file, recreated it but still the same problem.

Yeah, both securecrt and putty are fine, though I don't like securecrt personally. I can't be bothered to report this tbh, but we'll see.

[+BudMan MVC]

Really really odd.. if you google for ssh user not working config - you find very sim issues to yours..  But most seem to be wrong order in the config, or permissions issue on the .ssh folder or config file.  But from your debug it sure seems to be reading and apply the config.

 

debug1: /home/walwar/.ssh/config line 425: Applying options for wwk-sw1

 

is it possible you have some oddness in the file where its not reading User.. Did you try removing the tab/spaces before it and have a return on the end of that line.

 

I would test with simple file with only your entry your testing

 

Host name

Hostname ip_or_FQDN

User username

 

What does it show show you with

 

ssh -v name

 

My understand is if you have duplicates or something set under Host * it will use the one it reads first!!  So if you have

 

Host name

Hostname ip_or_FQDN

User username

 

and then later in the file you have

 

Host name

Hostname ip_or_FQDN

User OtherUserName

 

It will use username and not OtherUserName - so you need to double check that its reading the correct file and the correct line in the file, etc.

 

 

 

[nabz0r Veteran]

I have tried with -vvv but it didn't show much either except that it reads everything from the correct file but when it comes to User it reads the default username.

As far as tabs and space it was first thing I checked and I don't have double entries, I've checked that as well.

 

As I said I removed all entries and kept only one with a different username, it reads the file from .ssh/config but it logs me in with the local username.

I even tried changing permission from 600 with no luck.