Hello, We tested OpenSSH 3.9 in Hp-UX platforms for Passwordauthentication under PAM modules. We started the SSH Daemon with following settings: Usepam yes ChallengeResponseAuthentication yes passwordauthentication yes The client is invoked with ssh -o'Passwordauthentication yes' localhost -vvv. The debug traces shows that the authentication suceed as keyboard-interactive. However the expected output should be "password" . Is it so? Debug traces: sshd: debug2: load_server_config: filename /opt/ssh/etc/sshd_config debug2: load_server_config: done config len = 331 debug2: parse_server_config: config /opt/ssh/etc/sshd_config len 331 ssh: debug2: input_userauth_info_req debug2: input_userauth_info_req: num_prompts 0 debug3: packet_send2: adding 48 (len 10 padlen 6 extra_pad 64) debug1: Authentication succeeded (keyboard-interactive). debug1: channel 0: new [client-session] debug3: ssh_session2_open: channel_new: 0 -- Michael
Michael selvesteen wrote:> We tested OpenSSH 3.9 in Hp-UX platforms for Passwordauthentication > under PAM modules. We started the SSH Daemon with following settings: > > Usepam yes > ChallengeResponseAuthentication yes > passwordauthentication yes > > The client is invoked with ssh -o'Passwordauthentication yes' localhost > -vvv. The debug traces shows that the authentication suceed as > keyboard-interactive. > > However the expected output should be "password" . Is it so?For SSHv2 connections, you need to set PreferredAuthentications rather than PasswordAuthentication. By default, PreferredAuthentications will try keyboard-interactive before password. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.