Odd little thing about SSH Logins
Friday, August 31st, 2007This afternoon I was doing a little work in Coda and wanted to try the SSH Terminal access built into it. I checked my login password and tried. No good - invalid password. Now I should have known what the problem was, but I was not thinking about how SSH authenticates if you have key files on the remote end, I was thinking "login, password" - easy. Well... not really.
I tried a few more times, convinced that I had forgotten my password - something I've never done - but this was telling me that there's a first time for everything. I was sure I had it right, but the login failures were telling me that I was wrong. Also, the fact that I use ssh-agent and key files makes it so that I didn't need to login after getting the key files over. So now I was getting desperate.
I started writing a ticket to the HostMonster support and then thought - Hey... why not get to another machine without ssh-agent running and then try to ssh into the box? Of course, when I did this, it asked me for my pass-phrase, and I typed it in. Then I thought: I wonder if it's using the pass-phrase as the password? Bingo.
I had been thinking that the SSH protocol passed the real password even if the key files existed, but it doesn't. If the key files are there, it doesn't care about the password - it cares only about the pass-phrase in the key files. When I went back and tried that in Coda it worked like a champ.
I was so convinced that I had forgotten my password, but I hadn't - I had forgotten how SSH works in the presence of key files. Wow... glad that's cleared up. I won't forget it.