Date: Sun, 6 Sep 2015 18:56:40 -0400 From: Jaime Kikpole <jkikpole@cairodurham.org> To: Matthew Seaman <matthew@freebsd.org> Cc: "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org> Subject: Re: Strange SFTP and PAM failure Message-ID: <CA%2Bsg5RSZDTdL2BuY9pNewZ-Kk0ZV_R-RFOrvQa6XDGveUZJtqg@mail.gmail.com> In-Reply-To: <55DC0D95.80202@FreeBSD.org> References: <CA%2Bsg5RQ-yMgsbq5VA-SNDDkUaYcVJUEPAe-iqfDLR1EFuVyCTg@mail.gmail.com> <55D6466F.9070200@FreeBSD.org> <CA%2Bsg5RQK9OYVtUw9O7TJFqpFrHUX4GsWTyPE5HEm=je-KypjeA@mail.gmail.com> <55DC0D95.80202@FreeBSD.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I think I have an answer, but I don't know if it is a good idea or not. When I asked, they eventually told me they're using Java 1.8 Update 51. After weeks of wasted time, they escalated it to engineering. (And I do mean "wasted." It took three days for them to "pull the logs" (their words) so that someone could review them. Not 3 days to review them. Just to "pull the logs.") Meanwhile, I've been tinkering and trying until I found that changing "PasswordAuthentication" in /etc/sshd_config from the default of "no" to "yes" will allow the PowerSchool system to make an SFTP connection and successfully push the text file over the link. So my question now becomes: Is this a good idea? The man page seems to say that I should set ChallengeResponseAuthentication to "no" if PasswordAuthentication is set to "yes". Should I make that change? Should I just disable PAM within sshd? I also freely admit that I don't have a deep understanding of PAM and usually leave it on the default settings. Perhaps I just have a silly setting in PAM. Any advice would be appreciated. Thanks in advance! -- Jaime Kikpole Network Administrator Cairo-Durham Central School District Technical Support: help@cairodurham.org go.cairodurham.org/techtips -- This electronic message and any attachment(s) may contain confidential or legally privileged information protected by law from further disclosure and is intended only for the individual or entity identified above as the addressee. If you are not the addressee (or the employee or agency responsible to deliver it to the addressee), or if this message has been addressed to you in error, you are hereby notified that you may not copy, forward, disclose or use any part of this message or any attachment(s). Please notify the sender immediately by return email or telephone and permanently delete this message and attachment(s) from your system.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2Bsg5RSZDTdL2BuY9pNewZ-Kk0ZV_R-RFOrvQa6XDGveUZJtqg>