Appologise if this did make it to the list but I just subscribed and didn't see it come back... I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything seems to be working (not quite smooth sailing - I had to resort to precompiled RPM for OpenSSL). I did however get it "working." I generated a host key as root and then changed back to joe-user. I created a key for joe-user. I then ssh'd to my own host. I got a prompt for a password and was very excited... except I typed in my password and got rejected. Any ideas? I am using PAM and I believe my passwords are shadowed... I would like to better understand the "To disable tunneled clear text password, change to no here" comment... Is this "clear text" passwords which are then encrypted int he tunnel? and what is an SKey? #syslog Apr 8 22:03:27 fuzzball sshd[27946]: Failed password for joe-user from 192.168.1.3 port 753 Apr 8 22:03:29 fuzzball sshd[27946]: Connection closed by 192.168.1.3 Apr 8 22:03:29 fuzzball sshd[27946]: Cannot close PAM session: System error Apr 8 22:03:29 fuzzball sshd[27946]: Cannot delete credentials: Authentication # This is ssh server systemwide configuration file. Port 22 ListenAddress 0.0.0.0 #ListenAddress :: HostKey /usr/local/etc/ssh_host_key ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin yes # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes KeepAlive yes # Logging SyslogFacility AUTH LogLevel INFO #obsoletes QuietMode and FascistLogging RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # Uncomment to disable s/key passwords #SkeyAuthentication no # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes CheckMail no UseLogin no
P? 2000-Apr-09 klokka 03:12:31 -0400 skrivet Keith Baker: : I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything : seems to be working (not quite smooth sailing - I had to resort to : precompiled RPM for OpenSSL). I did however get it "working." I : generated a host key as root and then changed back to joe-user. I created : a key for joe-user. I then ssh'd to my own host. I got a prompt for a : password and was very excited... except I typed in my password and got : rejected. Any ideas? I am using PAM and I believe my passwords are : shadowed... Did you build with support for TCP wrappers? (You may have done so inadvertently even if you didn't specify --with-tcp-wrappers.) Try allowing access to sshd via /etc/hosts.allow. For example: sshd: ALL: ALLOW Also, try running sshd in 'debug' mode: /path/to/sshd -d -p 4022 and ssh as well: ssh -v -p 4022 remote.example.net Finally, make sure that your ~/.ssh/ directory has mode 0700 (drwx------), since you have StrictModes set in sshd_config. : I would like to better understand the "To disable tunneled clear text : password, change to no here" comment... Is this "clear text" passwords : which are then encrypted int he tunnel? Exactly. : and what is an SKey? http://lheawww.gsfc.nasa.gov/~srr/skey_info.html -- jim knoble jmknoble at pobox.com
Naturally, the simplest thing would be for you to install the rpms amde by opennsh's Linux port maintainer. Mate On Sun, Apr 09, 2000 at 03:12:31AM -0400, Keith Baker wrote:> Appologise if this did make it to the list but I just subscribed and > didn't see it come back... > > I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything > seems to be working (not quite smooth sailing - I had to resort to > precompiled RPM for OpenSSL). I did however get it "working." I > generated a host key as root and then changed back to joe-user. I created > a key for joe-user. I then ssh'd to my own host. I got a prompt for a > password and was very excited... except I typed in my password and got > rejected. Any ideas? I am using PAM and I believe my passwords are > shadowed... > > I would like to better understand the "To disable tunneled clear text > password, change to no here" comment... Is this "clear text" passwords > which are then encrypted int he tunnel? and what is an SKey? > > #syslog > > Apr 8 22:03:27 fuzzball sshd[27946]: Failed password for joe-user from 192.168.1.3 port 753 > Apr 8 22:03:29 fuzzball sshd[27946]: Connection closed by 192.168.1.3 > Apr 8 22:03:29 fuzzball sshd[27946]: Cannot close PAM session: System error > Apr 8 22:03:29 fuzzball sshd[27946]: Cannot delete credentials: Authentication > > # This is ssh server systemwide configuration file. > > Port 22 > ListenAddress 0.0.0.0 > #ListenAddress :: > HostKey /usr/local/etc/ssh_host_key > ServerKeyBits 768 > LoginGraceTime 600 > KeyRegenerationInterval 3600 > PermitRootLogin yes > # > # Don't read ~/.rhosts and ~/.shosts files > IgnoreRhosts yes > # Uncomment if you don't trust ~/.ssh/known_hosts for > RhostsRSAAuthentication > #IgnoreUserKnownHosts yes > StrictModes yes > X11Forwarding no > X11DisplayOffset 10 > PrintMotd yes > KeepAlive yes > > # Logging > SyslogFacility AUTH > LogLevel INFO > #obsoletes QuietMode and FascistLogging > > RhostsAuthentication no > # > # For this to work you will also need host keys in /etc/ssh_known_hosts > RhostsRSAAuthentication no > # > RSAAuthentication yes > > # To disable tunneled clear text passwords, change to no here! > PasswordAuthentication yes > PermitEmptyPasswords no > # Uncomment to disable s/key passwords > #SkeyAuthentication no > > # To change Kerberos options > #KerberosAuthentication no > #KerberosOrLocalPasswd yes > #AFSTokenPassing no > #KerberosTicketCleanup no > > # Kerberos TGT Passing does only work with the AFS kaserver > #KerberosTgtPassing yes > > CheckMail no > UseLogin no > > > > >-- --- Mate Wierdl | Dept. of Math. Sciences | University of Memphis