From owner-freebsd-questions Sat Feb 22 5:37: 9 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5572A37B401 for ; Sat, 22 Feb 2003 05:37:07 -0800 (PST) Received: from apollo.laserfence.net (apollo.laserfence.net [196.44.69.138]) by mx1.FreeBSD.org (Postfix) with ESMTP id 87D0D43F3F for ; Sat, 22 Feb 2003 05:37:04 -0800 (PST) (envelope-from will@unfoldings.net) Received: from localhost ([127.0.0.1]) by apollo.laserfence.net with esmtp (Exim 4.10) id 18mZpm-000Lur-00; Sat, 22 Feb 2003 15:36:54 +0200 Received: from prometheus-p0.datel.laserfence.net ([192.168.255.1] helo=prometheus.home.laserfence.net) by apollo.laserfence.net with esmtp (Exim 4.10) id 18mZpT-000LuY-00; Sat, 22 Feb 2003 15:36:37 +0200 Received: from phoenix.home.laserfence.net ([192.168.0.2]) by prometheus.home.laserfence.net with esmtp (Exim 4.10) id 18mZpQ-000EZg-00; Sat, 22 Feb 2003 15:36:32 +0200 Received: from will by phoenix.home.laserfence.net with local (Exim 4.10) id 18mZpO-0004Bz-00; Sat, 22 Feb 2003 15:36:30 +0200 From: Willie Viljoen To: Cliff Sarginson Subject: Re: ssh(d) problems between FreebSD and Linux Systems Date: Sat, 22 Feb 2003 15:36:30 +0200 User-Agent: KMail/1.5 References: <20030222130105.GA952@raggedclown.net> In-Reply-To: <20030222130105.GA952@raggedclown.net> Cc: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200302221536.30361.will@unfoldings.net> X-Spam-Score: (/) X-Scanner: exiscan for exim4 (http://duncanthrax.net/exiscan/) *18mZpT-000LuY-00*vdu0xaKtD5k* X-Virus-Scanned: by AMaViS snapshot-20020422 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Saturday 22 February 2003 15:01, Cliff Sarginson wrote: > Hello, > Behind my firewall I am trying to set up password-free ssh between the > various systems. I have come across a curious problem. From a BSD > machine I can set it up so that FreeBSD can ssh into any of the Linux > machines is fine, but the other way around, trying to get into the > FreeBSD machines from Linux, causes sshd on FreebSD to return > > Feb 22 13:46:57 willow sshd[926]: fatal: monitor_read: unsupported > request: 24 > > This happens with 2 different varieties of Linux, so it is not an > artefact of just one system. The configurations look the same at both > ends as far as I can see. > > I have "achieved this by generating an rsa key, and putting the public > one into the authorized_keys2 file as appropriate. > > Any suggestions ? Try and make sure that your Linux systems always use protocol version 2. FreeBSD uses this protocol by default, but most Linux distributions default to version 1 for compatibility reasons. Public key authentication only appeared in version 2, so machines trying to use version 1 will not be able to use it properly. The quickest way to achieve this is to force remote systems to use version 2 by adding this in /etc/ssh/sshd_config on the FreeBSD system (it should already be there for new versions): Protocol 2 Note that a setting of 2,1 will not work as it will still server protocol 1 if clients request it first. Will -- Willie Viljoen Freelance IT Consultant 214 Paul Kruger Avenue, Universitas Bloemfontein 9321 South Africa +27 51 522 15 60 +27 51 522 44 36 (after hours) +27 82 404 03 27 (mobile) will@unfoldings.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message