From owner-freebsd-stable Sun Feb 11 21:15: 7 2001 Delivered-To: freebsd-stable@freebsd.org Received: from gatekeeper.orem.verio.net (gatekeeper.orem.verio.net [192.41.0.8]) by hub.freebsd.org (Postfix) with ESMTP id 7D78E37B491 for ; Sun, 11 Feb 2001 21:14:59 -0800 (PST) Received: from mx.dmz.orem.verio.net (mx.dmz.orem.verio.net [10.1.1.10]) by gatekeeper.orem.verio.net (Postfix) with ESMTP id 16CA03BF116 for ; Sun, 11 Feb 2001 22:14:59 -0700 (MST) Received: from localhost (aaronm@localhost) by mx.dmz.orem.verio.net (8.11.1/8.11.1) with ESMTP id f1C5EvD72746; Sun, 11 Feb 2001 22:14:57 -0700 (MST) (envelope-from aaronm@mx.dmz.orem.verio.net) Date: Sun, 11 Feb 2001 22:14:57 -0700 (MST) From: Aaron Mildenstein To: Sergey Akifiev Cc: Subject: Re: sshd in 4.2-STABLE In-Reply-To: <1843641235.20010212104321@road.omskelecom.ru> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I had the same problem. And do you know what I found was the problem? /etc/pam.conf was missing the following lines: sshd auth sufficient pam_skey.so sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so And that was all it took to get sshd to work right. Somewhere in there sshd started requiring pam. Go figure. Aaron Mildenstein On Mon, 12 Feb 2001, Sergey Akifiev wrote: > Hello freebsd-stable, > > sshd stops working after cvsup'ing up to 4.2-STABLE. But on > 4.1-RELEASE it works fine! > Here is result of 'sshd -d': > > debug1: sshd version OpenSSH_2.3.0 > debug1: read DSA private key done > debug1: Forcing server key to 1152 bits to make it differ from host key. > debug1: Bind to port 22 on 0.0.0.0. > Server listening on 0.0.0.0 port 22. > Generating 1152 bit RSA key. > RSA key generation complete. > debug1: Server will not fork when running in debugging mode. > Connection from sergey.gibdd.uvd-omsk.su port 1179 > Connection from 94.1.0.85 port 1179 > debug1: Client protocol version 2.1; client software version > OpenSSH_3.26.00_Telneat > debug1: no match: OpenSSH_3.26.00_Telneat > Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-1.99-OpenSSH_2.3.0 > debug1: send KEXINIT > debug1: done > debug1: wait KEXINIT > debug1: got kexinit: diffie-hellman-group1-sha1 > debug1: got kexinit: ssh-dss > debug1: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc > debug1: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc > debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com > debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com > debug1: got kexinit: none > debug1: got kexinit: none > debug1: got kexinit: > debug1: got kexinit: > debug1: first kex follow: 0 > debug1: reserved: 0 > debug1: done > debug1: kex: client->server 3des-cbc hmac-sha1 none > debug1: kex: server->client 3des-cbc hmac-sha1 none > debug1: Wait SSH2_MSG_KEXDH_INIT. > debug1: bits set: 495/1024 > debug1: bits set: 515/1024 > debug1: sig size 20 20 > debug1: send SSH2_MSG_NEWKEYS. > debug1: done: send SSH2_MSG_NEWKEYS. > debug1: Wait SSH2_MSG_NEWKEYS. > debug1: GOT SSH2_MSG_NEWKEYS. > debug1: done: KEX2. > debug1: userauth-request for user sergey service ssh-connection method > publickey > debug1: attempt #1 > debug1: Starting up PAM with username "sergey" > debug1: matching key found: file /home/sergey/.ssh/authorized_keys2, line 1 > debug1: len 55 datafellows 0 > debug1: dsa_verify: signature incorrect > Failed publickey for sergey from 94.1.0.85 port 1179 ssh2 > fatal: Read from socket failed: Connection reset by peer > debug1: Calling cleanup 0x8058150(0x0) > debug1: Calling cleanup 0x805e480(0x0) > > PS > > -- > Best regards, > Sergey mailto:sergey@road.omskelecom.ru > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message