What can I determine about my public key on host server?
The administrators at sftp.foobar.com have done the following:
- Acknowledged receipt of my public key. (id_rsa.pub)
- Given me a hostname of their server (sftp.foobar.com)
- Given me a userid for an ssh/sftp connection (foo_user1)
Here’s my .ssh/config entry
Host foobar identityfile id_rsa hostname sftp.foobar.com user foo_user1 port 22 # I've also tried 2222 $sftp -vvv foobar OpenSSH_7.4p1, OpenSSL 1.0.2k-fips 26 Jan 2017 debug1: Reading configuration data /home/foo_client/.ssh/config debug1: /home/foo_client/.ssh/config line 332: Applying options for foobar debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 58: Applying options for * debug2: resolving "sftp.foobar.com" port 2222 debug2: ssh_connect_direct: needpriv 0 debug1: Connecting to sftp.foobar.com [21.01.148.55] port 2222. #The session hangs and I CTRL-C to terminate command. $ssh 21.01.148.55 # I get no response # I get neither userid nor password prompt.
Question: What Can I conclude about my public key on host server?
Do I have sufficient information to conclude the foobar admins have not installed my public key?
If they have installed public key but it is corrupted, would I get additional information from -vvv output?
You cannot determine anything about the public key. Your connection is blocked by a firewall.
SSH’s debugging output won’t help you diagnose firewall issues: they happen at a level below TCP. It could be a problem on your machine, on your local network, (unlikely) somewhere in between, on the server’s local network or on the server itself.
tcptraceroute might help.
Here is some sample output with some relevant messages that you’d see on a successful connection:
… debug1: Connecting to sftp.foobar.com [21.01.148.55] port 2222. debug1: Connection established. debug1: identity file /home/foo_client/.ssh/id_rsa type -1 … debug1: Remote protocol version 2.0, remote software version OpenSSH_8.9p1 Ubuntu-3ubuntu0.4 … debug1: Will attempt key: /home/from_client/.ssh/id_rsa … debug1: Next authentication method: publickey … debug1: Offering public key: … … Authenticated to sftp.foobar.com (21.01.148.55:2222) using "publickey". …
(I’ve slightly edited the messages and may have gotten the exact formatting of hostnames and such wrong.)
debug1: Connectingis when the client has started the TCP connection.
debug1: Connection established.means the TCP connection is established. Your connection failed to reach this point.
debug1: Remote protocol version …is the first indication that a server has replied using the SSH protocol.
debug1: Will attempt key:indicates the keys that your client has found.
debug1: Next authentication method: publickeyindicates that after negotiating with the server, your client has decided to try public-key authentication.
debug1: Offering public key: …indicates that your client is now trying to authenticate using this key.
Authenticated to sftp.foobar.com (21.01.148.55:2222) using "publickey".indicates that the server has accepted the last offered key.