Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 28 Dec 2002 11:57:44 +0100 (CET)
From:      Andrew Prewett <andrew@kronos.HomeUnix.com>
To:        freebsd-questions@FreeBSD.ORG
Subject:   RE: sshd and passwordauthentication
Message-ID:  <20021228114240.N18941@slave.east.ath.cx>
In-Reply-To: <000201c2adcd$76a76ce0$952b6e94@lucifer>
References:  <000201c2adcd$76a76ce0$952b6e94@lucifer>

next in thread | previous in thread | raw e-mail | index | archive | help
On Dec 27 Didier Wiroth wrote:

> I'm using a windows client, putty where I didn't find that kind of option,
> here is the output of "ssh -v" from linux test machine:
>
> OpenSSH_2.9.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Seeding random number generator
> debug1: Rhosts Authentication disabled, originating port will not be
> trusted.
> debug1: restore_uid
> debug1: ssh_connect: getuid 500 geteuid 500 anon 1
> debug1: Connecting to sshd.somewhere.com [sshd.somewhere.com] port 22.
> debug1: temporarily_use_uid: 500/100 (e=500)
> debug1: restore_uid
> debug1: temporarily_use_uid: 500/100 (e=500)
> debug1: restore_uid
> debug1: Connection established.
> debug1: identity file /home/user_test/.ssh/identity type -1
> debug1: identity file /home/user_test/.ssh/id_rsa type -1
> debug1: identity file /home/user_test/.ssh/id_dsa type -1

id_rsa and/or id_dsa exists?

> debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
> FreeBSD-20020702
> debug1: match: OpenSSH_3.4p1 FreeBSD-20020702 pat ^OpenSSH
> debug1: Local version string SSH-1.5-OpenSSH_2.9.9p2
> debug1: Waiting for server public key.
> debug1: Received server public key (768 bits) and host key (1024 bits).
> debug1: Host 'sshd.somewhere.com' is known and matches the RSA1 host key.
> debug1: Found key in /home/user_test/.ssh/known_hosts:2
> debug1: Encryption type: 3des
> debug1: Sent encrypted session key.
> debug1: Installing crc compensation attack detector.
> debug1: Received encrypted confirmation.
> debug1: Doing challenge reponse authentication.
> Password:
> Response:
>
> Does that help?
>
[...]
> > On Fri, Dec 27, 2002 at 04:02:52PM +0100, Didier Wiroth wrote:
> > > These are the only activated options:
> > > Protocol 2,1
> > > ListenAddress x.y.z.x
> > > LoginGraceTime 40
> > > PermitRootLogin no
> > > PasswordAuthentication no
> > > PermitEmptyPasswords no
> > > Subsystem       sftp    /usr/libexec/sftp-server

Few options to experiment:

RhostsRSAAuthentication yes
HostbasedAuthentication yes
IgnoreUserKnownHosts no
UseLogin no

	-andrew

> > >
> > > All other options are commented with a '#'!
> > > Any clues?
> > > There is no warning in /var/log/messages!
> >
> > Hmmm... This looks OK to me.  What output do you get if you log in to
> > the box using `ssh -v my.host'?  It should print details of protocol
> > negotiation, authentication steps, etc.
> >
> > Dan
> >

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021228114240.N18941>