7.3. Introduction to Verbose Mode
Now that we've covered the generalities of command-line options
and configuration files, we're about to launch into an extended
discussion of configuration. Before we begin, let's practice
some defense. As you try these options, occasionally you might see
behavior that's not what you expected. Whenever this occurs,
your first instinct should be: turn on verbose mode with the
-v command-line option to track down the problem:
# SSH1, SSH2, OpenSSH
$ ssh -v server.example.com
In verbose mode, the client prints messages as it proceeds, providing
clues to the problem. New SSH users (and quite a few experienced
ones) frequently forget or neglect to use verbose mode when problems
arise. Don't hesitate! Many questions we've seen in the
Usenet SSH newsgroup,
comp.security.ssh [
Section 12.3, "Other SSH Resources"], could have been answered immediately by
running
ssh -v and examining the output.
Suppose you just installed your public key on
server.example.com and are trying to
authenticate with it. Strangely, you are prompted for your login
password instead of your public-key passphrase:
$ ssh server.example.com
barrett@server.example.com's password:
Don't just sit there scratching your head in wonder. Let
verbose mode come to the rescue:
$ ssh -v server.example.com
SSH Version 1.2.27 [sparc-sun-solaris2.5.1], protocol version 1.5.
client: Connecting to server.example.com [128.9.176.249] port 22.
client: Connection established.
client: Trying RSA authentication with key 'barrett@client'
client: Remote: Bad file modes for /users/barrett/.ssh Uh oh!
client: Server refused our key.
client: Doing password authentication.
barrett@server.example.com's password:
These messages (which are abbreviated for this example) confirm that
the SSH connection is succeeding, but public-key authentication is
failing. The reason is "bad file modes": the remote SSH
directory,
/home/barrett/.ssh, has incorrect
permissions. A quick trip to the server and a well-placed
chmod command later, the problem is solved:
# On the server
$ chmod 700 ~/.ssh
Verbose mode also works for
scp :
$ scp -v myfile server.example.com:
Executing: host belvedere, user (unspecified), command scp -v -t .
SSH Version 1.2.27 [sparc-sun-solaris2.5.1], protocol version 1.5.
...
Verbose mode is your friend. Use it liberally. Now we're ready
to learn those dozens of options.
| | |
7.2. Precedence | | 7.4. Client Configuration in Depth |