What does identity file type mean in SSH debug messags?

Clash Royale CLAN TAG#URR8PPP

up vote
1
down vote

favorite

I've been debugging a SSH connection using the following command:

ssh -vT user@mysite.com

And I got the following messages:

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to smilescooter.com port 22.
debug1: Connection established.
debug1: identity file /Users/jerry/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa-cert type -1
debug1: identity file /Users/jerry/.ssh/id_ecdsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_ecdsa-cert type -1
...
debug3: hostkeys_foreach: reading file "/Users/jerry/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/jerry/.ssh/known_hosts:19
debug3: load_hostkeys: loaded 1 keys from smilescooter.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal

Luckily, the problem was fixed, but I am interested as what the "identity file file_route type n" mean, n here could be -1,0,1,2...

And what does the number(1/2/3..) after debug mean in the beginning of each debugging line?

I wouldn't ask it here if I had found results googling about this. There are a lot of results in google concerning SSH problem debugging, but no one seems to be talking about the two I've asked here.

Thank you so much in advance.

ssh security

share|improve this question

asked 2 hours ago

xczzhh

79341217

add a comment | 

up vote
1
down vote

favorite

I've been debugging a SSH connection using the following command:

ssh -vT user@mysite.com

And I got the following messages:

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to smilescooter.com port 22.
debug1: Connection established.
debug1: identity file /Users/jerry/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa-cert type -1
debug1: identity file /Users/jerry/.ssh/id_ecdsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_ecdsa-cert type -1
...
debug3: hostkeys_foreach: reading file "/Users/jerry/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/jerry/.ssh/known_hosts:19
debug3: load_hostkeys: loaded 1 keys from smilescooter.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal

Luckily, the problem was fixed, but I am interested as what the "identity file file_route type n" mean, n here could be -1,0,1,2...

And what does the number(1/2/3..) after debug mean in the beginning of each debugging line?

I wouldn't ask it here if I had found results googling about this. There are a lot of results in google concerning SSH problem debugging, but no one seems to be talking about the two I've asked here.

Thank you so much in advance.

ssh security

share|improve this question

asked 2 hours ago

xczzhh

79341217

add a comment | 

up vote
1
down vote

favorite

up vote
1
down vote

favorite

I've been debugging a SSH connection using the following command:

ssh -vT user@mysite.com

And I got the following messages:

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to smilescooter.com port 22.
debug1: Connection established.
debug1: identity file /Users/jerry/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa-cert type -1
debug1: identity file /Users/jerry/.ssh/id_ecdsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_ecdsa-cert type -1
...
debug3: hostkeys_foreach: reading file "/Users/jerry/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/jerry/.ssh/known_hosts:19
debug3: load_hostkeys: loaded 1 keys from smilescooter.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal

Luckily, the problem was fixed, but I am interested as what the "identity file file_route type n" mean, n here could be -1,0,1,2...

And what does the number(1/2/3..) after debug mean in the beginning of each debugging line?

I wouldn't ask it here if I had found results googling about this. There are a lot of results in google concerning SSH problem debugging, but no one seems to be talking about the two I've asked here.

Thank you so much in advance.

ssh security

share|improve this question

asked 2 hours ago

xczzhh

79341217

I've been debugging a SSH connection using the following command:

ssh -vT user@mysite.com

And I got the following messages:

debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to smilescooter.com port 22.
debug1: Connection established.
debug1: identity file /Users/jerry/.ssh/id_rsa type 0
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_dsa-cert type -1
debug1: identity file /Users/jerry/.ssh/id_ecdsa type 2
debug1: key_load_public: No such file or directory
debug1: identity file /Users/jerry/.ssh/id_ecdsa-cert type -1
...
debug3: hostkeys_foreach: reading file "/Users/jerry/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/jerry/.ssh/known_hosts:19
debug3: load_hostkeys: loaded 1 keys from smilescooter.com
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal

Luckily, the problem was fixed, but I am interested as what the "identity file file_route type n" mean, n here could be -1,0,1,2...

And what does the number(1/2/3..) after debug mean in the beginning of each debugging line?

I wouldn't ask it here if I had found results googling about this. There are a lot of results in google concerning SSH problem debugging, but no one seems to be talking about the two I've asked here.

Thank you so much in advance.

ssh security

ssh security

share|improve this question

asked 2 hours ago

xczzhh

79341217

share|improve this question

asked 2 hours ago

xczzhh

79341217

share|improve this question

share|improve this question

asked 2 hours ago

xczzhh

79341217

asked 2 hours ago

xczzhh

79341217

asked 2 hours ago

xczzhh

79341217

79341217

add a comment | 

add a comment | 

2 Answers
2

active

oldest

votes

up vote
1
down vote

Identity file is simply a private key (or cert), usually by running ssh-keygen. This will by default create an RSA key, but you can change that with the -t option. According to the output, you have an RSA and an ECDSA key.
The id is just the integer value (zero based) of the sshkey_types enum and -1 meaning error (as with most POSIX functions).

The error messages key_load_public: No such file or directory after the identity file... messages is strange, it seems that the corresponding public key files got deleted. They carry the same file name as the private key with an added .pub suffix. This is not tragic, as the public key can be regenerated from the private key (but not vice versa, for obvious reasons) with ssh-keygen -y.

share|improve this answer

edited 28 mins ago

answered 44 mins ago

Jakob

114

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

up vote
0
down vote

As the output suggests, "type n" is the internal ID of the key type (RSA, ECDSA, ED25519, etc.). The list can be seen in sshkey.c.

Similarly, the n after debug is the debug level. The output you have shown is for -vvv, or debug logging up to level 3 (the maximum), hence debug1, debug2 and debug3.

The full details of both would generally be of use only to OpenSSH developers (primarily, OpenBSD developers), so I wouldn't expect this to be commonly discussed.

share|improve this answer

answered 1 hour ago

muru

132k19279477

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "89"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
convertImagesToLinks: true,
noModals: false,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1088184%2fwhat-does-identity-file-type-mean-in-ssh-debug-messags%23new-answer', 'question_page');

);

Post as a guest

Name Email

2 Answers
2

active

oldest

votes

2 Answers
2

active

oldest

votes

active

oldest

votes

active

oldest

votes

up vote
1
down vote

Identity file is simply a private key (or cert), usually by running ssh-keygen. This will by default create an RSA key, but you can change that with the -t option. According to the output, you have an RSA and an ECDSA key.
The id is just the integer value (zero based) of the sshkey_types enum and -1 meaning error (as with most POSIX functions).

The error messages key_load_public: No such file or directory after the identity file... messages is strange, it seems that the corresponding public key files got deleted. They carry the same file name as the private key with an added .pub suffix. This is not tragic, as the public key can be regenerated from the private key (but not vice versa, for obvious reasons) with ssh-keygen -y.

share|improve this answer

edited 28 mins ago

answered 44 mins ago

Jakob

114

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

up vote
1
down vote

Identity file is simply a private key (or cert), usually by running ssh-keygen. This will by default create an RSA key, but you can change that with the -t option. According to the output, you have an RSA and an ECDSA key.
The id is just the integer value (zero based) of the sshkey_types enum and -1 meaning error (as with most POSIX functions).

The error messages key_load_public: No such file or directory after the identity file... messages is strange, it seems that the corresponding public key files got deleted. They carry the same file name as the private key with an added .pub suffix. This is not tragic, as the public key can be regenerated from the private key (but not vice versa, for obvious reasons) with ssh-keygen -y.

share|improve this answer

edited 28 mins ago

answered 44 mins ago

Jakob

114

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

up vote
1
down vote

up vote
1
down vote

Identity file is simply a private key (or cert), usually by running ssh-keygen. This will by default create an RSA key, but you can change that with the -t option. According to the output, you have an RSA and an ECDSA key.
The id is just the integer value (zero based) of the sshkey_types enum and -1 meaning error (as with most POSIX functions).

The error messages key_load_public: No such file or directory after the identity file... messages is strange, it seems that the corresponding public key files got deleted. They carry the same file name as the private key with an added .pub suffix. This is not tragic, as the public key can be regenerated from the private key (but not vice versa, for obvious reasons) with ssh-keygen -y.

share|improve this answer

edited 28 mins ago

answered 44 mins ago

Jakob

114

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

Identity file is simply a private key (or cert), usually by running ssh-keygen. This will by default create an RSA key, but you can change that with the -t option. According to the output, you have an RSA and an ECDSA key.
The id is just the integer value (zero based) of the sshkey_types enum and -1 meaning error (as with most POSIX functions).

The error messages key_load_public: No such file or directory after the identity file... messages is strange, it seems that the corresponding public key files got deleted. They carry the same file name as the private key with an added .pub suffix. This is not tragic, as the public key can be regenerated from the private key (but not vice versa, for obvious reasons) with ssh-keygen -y.

share|improve this answer

edited 28 mins ago

answered 44 mins ago

Jakob

114

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

share|improve this answer

share|improve this answer

edited 28 mins ago

edited 28 mins ago

edited 28 mins ago

answered 44 mins ago

Jakob

114

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

answered 44 mins ago

Jakob

114

answered 44 mins ago

Jakob

114

114

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

New contributor

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

Jakob is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.

add a comment | 

add a comment | 

up vote
0
down vote

As the output suggests, "type n" is the internal ID of the key type (RSA, ECDSA, ED25519, etc.). The list can be seen in sshkey.c.

Similarly, the n after debug is the debug level. The output you have shown is for -vvv, or debug logging up to level 3 (the maximum), hence debug1, debug2 and debug3.

The full details of both would generally be of use only to OpenSSH developers (primarily, OpenBSD developers), so I wouldn't expect this to be commonly discussed.

share|improve this answer

answered 1 hour ago

muru

132k19279477

add a comment | 

up vote
0
down vote

As the output suggests, "type n" is the internal ID of the key type (RSA, ECDSA, ED25519, etc.). The list can be seen in sshkey.c.

Similarly, the n after debug is the debug level. The output you have shown is for -vvv, or debug logging up to level 3 (the maximum), hence debug1, debug2 and debug3.

The full details of both would generally be of use only to OpenSSH developers (primarily, OpenBSD developers), so I wouldn't expect this to be commonly discussed.

share|improve this answer

answered 1 hour ago

muru

132k19279477

add a comment | 

up vote
0
down vote

up vote
0
down vote

As the output suggests, "type n" is the internal ID of the key type (RSA, ECDSA, ED25519, etc.). The list can be seen in sshkey.c.

Similarly, the n after debug is the debug level. The output you have shown is for -vvv, or debug logging up to level 3 (the maximum), hence debug1, debug2 and debug3.

The full details of both would generally be of use only to OpenSSH developers (primarily, OpenBSD developers), so I wouldn't expect this to be commonly discussed.

share|improve this answer

answered 1 hour ago

muru

132k19279477

As the output suggests, "type n" is the internal ID of the key type (RSA, ECDSA, ED25519, etc.). The list can be seen in sshkey.c.

Similarly, the n after debug is the debug level. The output you have shown is for -vvv, or debug logging up to level 3 (the maximum), hence debug1, debug2 and debug3.

The full details of both would generally be of use only to OpenSSH developers (primarily, OpenBSD developers), so I wouldn't expect this to be commonly discussed.

share|improve this answer

answered 1 hour ago

muru

132k19279477

share|improve this answer

share|improve this answer

answered 1 hour ago

muru

132k19279477

answered 1 hour ago

muru

132k19279477

answered 1 hour ago

muru

132k19279477

132k19279477

add a comment | 

add a comment | 

 

draft saved

draft discarded

 

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2faskubuntu.com%2fquestions%2f1088184%2fwhat-does-identity-file-type-mean-in-ssh-debug-messags%23new-answer', 'question_page');

);

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name Email

Name Email

Name

Email

Name Email

Name

Email