What is this?

This knowledgebase contains questions and answers about PRTG Network Monitor and network monitoring in general.

Learn more

PRTG Network Monitor

Intuitive to Use. Easy to manage.
More than 500,000 users rely on Paessler PRTG every day. Find out how you can reduce cost, increase QoS and ease planning, as well.

Free Download

Top Tags


View all Tags

ssh login failure: ssh_userauth_publickey failed

Votes:

0

This problem has been posted a couple of times, but no solution helps me. We have multiple linux systems with Suse Linux Enterprise Server 11 FixPack 4. On these systems, the ssh probes (e.g. ssh disk space) functions well. Authentication is done by private key / public key. But after upgrading to SLES 12.3, the authentication fails.

default ssh engine

Message of the probe: Failed to connect. Please check the SSH log of the target device or try the Compatibility Mode of the sensor's SSH engine and consider updating the target system's operating system. Reason: ssh_userauth_publickey failed (-1)Socket error: disconnected

Message in target log: fatal: Access denied for user prtg by PAM account configuration [preauth]

Compatibility Mode ssh engine

Message of the probe: The negotiation of encryption algorithm is failed

Message in target log: no matching cipher found. Their offer: blowfish-cbc,cast128-cbc,aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc [preauth]

"ssh -Q cipher" on the target

3des-cbc blowfish-cbc cast128-cbc arcfour arcfour128 arcfour256 aes128-cbc aes192-cbc aes256-cbc [email protected] aes128-ctr aes192-ctr aes256-ctr [email protected] [email protected] [email protected]

What may be the next step to get deeper?

authentication prtg ssh

Created on Sep 24, 2018 2:39:37 PM



7 Replies

Votes:

0

Hi there,

Maybe something is wrong with the private key after the update. Could you please try to regenerate the key for the system and add it to PRTG anew?

Please let me know if this helped.

Thank you!

Andreas Günther
Tech Support, Paessler AG

Created on Sep 26, 2018 12:22:20 PM by Andreas Günther [Paessler Support]



Votes:

0

Hi,

the private key is located on our prtg machine. This one has not been updated and there are ssh sensors that functions. The problem occurs when the prtg user of the prtg machine is connecting to a monitored machine, that has been upgraded. I removed and re-added the prtg user on the monitored machine with no effect. I don't want to regenerate the private key because then I have to sync it to all monitored machines.

Any further hints?

Created on Sep 27, 2018 5:58:01 AM



Votes:

0

Hi there,

I understand.

Please test if you're able to manual connect to the target with the private key, for example with putty. Is it working?

Please also check the auth.log on the target machine.

Thank you!

Andreas Günther
Tech Support, Paessler AG

Created on Sep 27, 2018 8:37:04 AM by Andreas Günther [Paessler Support]

Last change on Sep 27, 2018 8:37:17 AM by Andreas Günther [Paessler Support]



Votes:

0

Is there a way to get the private key out of the prtg installation? Cause we have it only in the prtg system and (of course) in the prtg configuration backup. After that I will gladly test the authentication with putty.

Created on Sep 27, 2018 9:25:26 AM



Votes:

0

Hi there,

I'm afraid due to security reasons it's not possible to extract the private key out of PRTG.

Were you able to check the auth.log on the target machine?

Andreas Günther
Tech Support, Paessler AG

Created on Sep 27, 2018 12:46:50 PM by Andreas Günther [Paessler Support]



Votes:

0

Good news: I managed to "solve" this issue by giving the prtg user a password on the target machine. Before that, only key based authentication was supported. I added a password because I wanted to test the key based authentication for the prtg user (I needed the password for ssh-copy-id). I'm not investigating further.

Created on Sep 27, 2018 2:02:59 PM



Votes:

0

Hey,

Great you've found a solution, and also thank you for letting me know! :)

Andreas Günther
Tech Support, Paessler AG

Created on Sep 27, 2018 7:45:30 PM by Andreas Günther [Paessler Support]




Disclaimer: The information in the Paessler Knowledge Base comes without warranty of any kind. Use at your own risk. Before applying any instructions please exercise proper system administrator housekeeping. You must make sure that a proper backup of all your data is available.