Hello,

I have two debian Linux computers, server Nimrod and Marcus.

I want to be abe to login from Marcus to Nimrod using ssh with
publickey authentification.
This works fine, I created an key-pair with ssh-keygen, and stored the
public key in $HOME/.ssh/authorized_keys on Nimrod.

With ssh I was able to login from Marcus to Nimrod without giving an
password. As a test, I deleted the key-files in $HOME/.ssh on Marucs.
The expected behaviour is that Nimrod then refuse the login, because
Marcus cannot decrypt the challenge with a correct private key. The
behaviour I got is that I still can login on Nimrod. Also when I
generate a new key-pair, and not update the public key on Nimrod, I
still can login.

The output of ssh on Marcus is below:

OpenSSH_3.8.1p1 Debian-8.sarge.4, OpenSSL 0.9.7e 25 Oct 2004
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 192.168.0.32 [192.168.0.32] port 22.
debug1: Connection established.
debug1: identity file /home/rene/.ssh/identity type -1
debug1: identity file /home/rene/.ssh/id_rsa type -1
debug1: identity file /home/rene/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_3.8.1p1 Debian-8.sarge.4
debug1: match: OpenSSH_3.8.1p1 Debian-8.sarge.4 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 Debian-8.sarge.4
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '192.168.0.32' is known and matches the RSA host key.
debug1: Found key in /home/rene/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue:
publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering public key:
debug1: Server accepts key: pkalg ssh-dss blen 434
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
Linux NIMROD 2.4.27-2-386 #1 Wed Aug 17 09:33:35 UTC 2005 i686
GNU/Linux


The strange thing I see is this:
debug1: Offering public key:

Why is this line empty?