From owner-freebsd-questions@FreeBSD.ORG Wed Feb 14 08:39:38 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 295A916A406 for ; Wed, 14 Feb 2007 08:39:38 +0000 (UTC) (envelope-from o.greve@axis.nl) Received: from yggdrasil.interstroom.nl (yggdrasil.interstroom.nl [80.85.129.11]) by mx1.freebsd.org (Postfix) with ESMTP id B6FEF13C471 for ; Wed, 14 Feb 2007 08:39:37 +0000 (UTC) (envelope-from o.greve@axis.nl) Received: from ip127-180.introweb.nl ([80.65.127.180] helo=[192.168.1.42]) by yggdrasil.interstroom.nl with asmtp (Exim 3.35 #1 (Debian)) id 1HHFfm-0006Ji-00; Wed, 14 Feb 2007 09:39:30 +0100 Message-ID: <45D2CABF.4070106@axis.nl> Date: Wed, 14 Feb 2007 09:39:27 +0100 From: Olaf Greve User-Agent: Thunderbird 1.5.0.9 (X11/20061222) MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <45D07D5A.2040307@axis.nl> <8930024.post@talk.nabble.com> <45D1BDCA.8050709@axis.nl> <20070213090410.c1aa29bc.wmoran@collaborativefusion.com> <45D1DBA8.5040400@axis.nl> <20070213115641.48516b37.wmoran@collaborativefusion.com> In-Reply-To: <20070213115641.48516b37.wmoran@collaborativefusion.com> Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-MailScanner-Information: Interstroom virusscan, please e-mail helpdesk@interstroom.nl for more information X-MailScanner-SpamCheck: Cc: xfb52@dial.pipex.com, Bill Moran Subject: Re: [SOLVED] Help please: how to enable SSH password authentication under FreeBSD 6.2? Solved - but not in an expected way X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Feb 2007 08:39:38 -0000 Hi again, Well as mentioned yesterday, I couldn't let this one go by without at least trying to figure out the real reason, so I experimented somewhat further. > The issue of ssh1 vs. ssh2 appears to already be clarified, so I won't > go into it again. Yes, indeed. I myself yesterday came to realise that I had incorrectly used the term SSH1 for password authentication, whereas it's basically just a different handshake and encryption protocol. My bad. :p Then: > It shouldn't. That's odd, as there's no reason to use SSH1 with FreeBSD > 5.4 -- SSH2 worked just fine in 5.X. I'd investigate your puTTY installation/ > config, as it sounds to be corrupt. Well, I did indeed run the daemon in debug mode, and from the traces I gather that the handshaking doesn't work properly. Towards the end of the traces, we find: debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client->server 3des-cbc hmac-sha1 none debug1: kex: server->client 3des-cbc hmac-sha1 none debug1: expecting SSH2_MSG_KEXDH_INIT debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS Connection closed by 192.168.1.103 debug1: do_cleanup debug1: do_cleanup And it never (or well, hardly ever) seems to get past that point. I then checked if perhaps I could configure anything in PuTTY regarding the handshaking or so, and found very few options there (all yielding no better luck in connecting). Then, I checked the PuTTY version, and found that it was "release-0.50", whereas I read you used versions 0.58 and 0.59. D/L-ed version 0.59 and that works fine! Sooo, indeed the PuTTY installation I had was flaky. For some reason it did work fine with my FreeBSD 5.4 installation, dunno why ?!? Good, glad this one is solved and that it turned out to be such a trivial thing! Tnx for your help, and cheers! Olafo