Hi, We want to use Hostbased Authentication in OpenSSH 3.4p1 completely based on rhosts or shosts. Don't want to have any keys exchange between server and client. Created /etc/ssh/sshd_config on OpenSSH server with: RhostsAuthentication yes IgnoreRhosts no HostbasedAuthentication yes Created /etc/ssh/ssh_config on client with: Host * HostbasedAuthentication yes Created /etc/rhosts.equiv, /etc/shosts.equiv, /etc/ssh/shosts.equiv on server with: <client hostname> Hostbased authentication is failing giving the following message on client side: debug1: authentications that can continue: publickey,password,keyboard-interactive,hostbased debug1: next auth method to try is hostbased get_socket_ipaddr: getnameinfo 8 failed userauth_hostbased: cannot get local ipaddr/name debug1: next auth method to try is password root at server01's password: What special settings are to be done to make it work? Please help. thanks and regards, Sreedhar. ************************************************************************** This email (including any attachments) is intended for the sole use of the intended recipient/s and may contain material that is CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or distribution or forwarding of any or all of the contents in this message is STRICTLY PROHIBITED. If you are not the intended recipient, please contact the sender by email and delete all copies; your cooperation in this regard is appreciated. ************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030227/305b1db1/attachment.html
On Thu, 27 Feb 2003, Sreedhar_Baddigam wrote:> Hi, > > We want to use Hostbased Authentication in OpenSSH 3.4p1 completely based on > rhosts or shosts. Don't want to have any keys exchange between server and > client.[snip] You will need to populate ssh_known_hosts with the other server's public keys for Hostbased Authentication to work. For further discussion check the archives around Jul 2002 with Subject: Re: OpenSSH 3.4p1 hostbased auth - howto? -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net
Hi Tim, Thanks for the information. I have gone through few posts in the archive as per your suggestion. I understand from them that populating ssh_known_hosts file with public key of client pcs comes under RhostsRSAAuthentication. We are looking to have openssh remote authentication work just with rhosts or shosts entries. Is it not possible to do that for any reason? Please correct me if I understood the concept of openssh communication wrong. best regards, Sreedhar.> ---------- > From: Tim Rice[SMTP:tim at multitalents.net] > Sent: Thursday, February 27, 2003 03:39 > To: Sreedhar_Baddigam > Cc: openssh-unix-dev at mindrot.org > Subject: Re: OpenSSH 3.4p1 hostbased authentication > > On Thu, 27 Feb 2003, Sreedhar_Baddigam wrote: > > > Hi, > > > > We want to use Hostbased Authentication in OpenSSH 3.4p1 completely > based on > > rhosts or shosts. Don't want to have any keys exchange between server > and > > client. > [snip] > > You will need to populate ssh_known_hosts with the other server's > public keys for Hostbased Authentication to work. > > For further discussion check the archives around Jul 2002 > with Subject: Re: OpenSSH 3.4p1 hostbased auth - howto? > > -- > Tim Rice Multitalents (707) 887-1469 > tim at multitalents.net >************************************************************************** This email (including any attachments) is intended for the sole use of the intended recipient/s and may contain material that is CONFIDENTIAL AND PRIVATE COMPANY INFORMATION. Any review or reliance by others or copying or distribution or forwarding of any or all of the contents in this message is STRICTLY PROHIBITED. If you are not the intended recipient, please contact the sender by email and delete all copies; your cooperation in this regard is appreciated. ************************************************************************** -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20030227/f6686929/attachment.html
Reasonably Related Threads
- OpenSSH 3.4p1 hostbased auth - howto?
- OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
- OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
- hostbased authentication and the root account
- @cert-authority for hostbased auth - sans shosts?