Date: Sun, 11 Feb 2001 22:14:57 -0700 (MST) From: Aaron Mildenstein <aaronm@orem.verio.net> To: Sergey Akifiev <sergey@road.omskelecom.ru> Cc: <freebsd-stable@FreeBSD.ORG> Subject: Re: sshd in 4.2-STABLE Message-ID: <Pine.BSF.4.31.0102112212490.55276-100000@mx.dmz.orem.verio.net> In-Reply-To: <1843641235.20010212104321@road.omskelecom.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
I had the same problem. And do you know what I found was the problem? /etc/pam.conf was missing the following lines: sshd auth sufficient pam_skey.so sshd auth required pam_unix.so try_first_pass sshd session required pam_permit.so And that was all it took to get sshd to work right. Somewhere in there sshd started requiring pam. Go figure. Aaron Mildenstein On Mon, 12 Feb 2001, Sergey Akifiev wrote: > Hello freebsd-stable, > > sshd stops working after cvsup'ing up to 4.2-STABLE. But on > 4.1-RELEASE it works fine! > Here is result of 'sshd -d': > > debug1: sshd version OpenSSH_2.3.0 > debug1: read DSA private key done > debug1: Forcing server key to 1152 bits to make it differ from host key. > debug1: Bind to port 22 on 0.0.0.0. > Server listening on 0.0.0.0 port 22. > Generating 1152 bit RSA key. > RSA key generation complete. > debug1: Server will not fork when running in debugging mode. > Connection from sergey.gibdd.uvd-omsk.su port 1179 > Connection from 94.1.0.85 port 1179 > debug1: Client protocol version 2.1; client software version > OpenSSH_3.26.00_Telneat > debug1: no match: OpenSSH_3.26.00_Telneat > Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-1.99-OpenSSH_2.3.0 > debug1: send KEXINIT > debug1: done > debug1: wait KEXINIT > debug1: got kexinit: diffie-hellman-group1-sha1 > debug1: got kexinit: ssh-dss > debug1: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc > debug1: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc > debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com > debug1: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com > debug1: got kexinit: none > debug1: got kexinit: none > debug1: got kexinit: > debug1: got kexinit: > debug1: first kex follow: 0 > debug1: reserved: 0 > debug1: done > debug1: kex: client->server 3des-cbc hmac-sha1 none > debug1: kex: server->client 3des-cbc hmac-sha1 none > debug1: Wait SSH2_MSG_KEXDH_INIT. > debug1: bits set: 495/1024 > debug1: bits set: 515/1024 > debug1: sig size 20 20 > debug1: send SSH2_MSG_NEWKEYS. > debug1: done: send SSH2_MSG_NEWKEYS. > debug1: Wait SSH2_MSG_NEWKEYS. > debug1: GOT SSH2_MSG_NEWKEYS. > debug1: done: KEX2. > debug1: userauth-request for user sergey service ssh-connection method > publickey > debug1: attempt #1 > debug1: Starting up PAM with username "sergey" > debug1: matching key found: file /home/sergey/.ssh/authorized_keys2, line 1 > debug1: len 55 datafellows 0 > debug1: dsa_verify: signature incorrect > Failed publickey for sergey from 94.1.0.85 port 1179 ssh2 > fatal: Read from socket failed: Connection reset by peer > debug1: Calling cleanup 0x8058150(0x0) > debug1: Calling cleanup 0x805e480(0x0) > > PS > > -- > Best regards, > Sergey mailto:sergey@road.omskelecom.ru > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.31.0102112212490.55276-100000>