Displaying 20 results from an estimated 31 matches for "sshd_conf".
2001 Jan 02
0
Why add ListenAddress to sshd_conf
?Hola!
[Please keep me in the Cc: list, i amn't subscribed to the list]
(From ftp://ftp.plig.org/pub/OpenBSD/OpenSSH/portable/openssh-2.2.0p1-vs-openbsd.diff.gz)
--- ssh-openbsd-2000090200/sshd_config Tue Aug 8 16:55:05 2000
+++ openssh-2.2.0p1/sshd_config Wed Aug 30 09:40:09 2000
@@ -2,7 +2,7 @@
Port 22
#Protocol 2,1
-#ListenAddress 0.0.0.0
+ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh_host_key
ServerKeyBits 768
----
Why? If there's no ListenAddress ssh listens on all...
2008 Nov 19
1
HELPA
...ub tester at 192.168.0.2:.ssh
[192.168.0.2 $] cat .ssh/id_dsa.pub >> .ssh/authorized_keys
[192.168.0.2 $] chmod 700 .ssh
[192.168.0.2 $] chmod 600 .ssh/authorized_keys
[192.168.0.4 $] ssh id at 192.168.0.2
Permission denied (publickey).
But with password, I can connect to 192.168.0.2.
The sshd_conf is as follows;
192.168.0.4(centos 5.2) sshd_conf:
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
SyslogFacility AUTHPRIV
#LogLevel INFO
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
ChallengeResp...
2015 Jul 07
0
Prompt for chrooted users
Well, I seem to have resolved most of this. In the end I had to
create a separate logical link for the chrooted users' home
directories that pointed back to their actual directory. It sounds
confusing because it is.
I first tried this in sshd_conf
ChrootDirectory %h
and in ~/%h I had created the following mount points:
bin dev etc lib lib64 tmp usr
Upon which I had hung mounts to directories containing the chroot
reduced functionality.
mount --bind /path/to/chroot/bin bin
However, that did not work. I next tried this:
ChrootD...
2007 Feb 08
2
Disabling Password authenitication with SSH
....
We have set up sshd (OpenSSH server) on the machine. We have placed ssh
keys into each user's home directory that needs to access the system
(and they work). We want to disable everyone from logging in, using a
password, utilizing ssh keys only to access the system.
I have modified /etc/ssh/sshd_conf to have these settings:
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM no
I then restarted the ssh daemon (/etc/init.d/sshd restart), but it still
allows the user to login using their password. What am I missing?
Searching google, only turned up the changes that I...
2009 Jun 01
2
ssh as root with and without private key
...I also want to be able to ssh as root with a required password to
do whatever I like.
So I thought that in addition to root, I'd make a rootback account:
root:x:0:0:root:/root:/bin/bash
rootback:x:0:0:root:/root:/bin/bash
(Entries in /etc/shadow are required for both, turns out.)
In sshd_conf I have this
Match User rootback
PermitRootLogin yes
ForceCommand /root/bin/dobackup
Match User root
PermitRootLogin yes
Match
When I
ssh -l rootback host whatever
it runs the dobackup script.
However, when I run
ssh -l root host date
it logs me in...
2006 Oct 27
2
Telnet and SSH login problems with Red Hat Enterprise ES4
Hello
We have successfully set up Red Hat Enterprise Linux ES4 and we are now
trying to connect remote clients to connect to it.
The problems we are having are as follows:
a) If we set connect with telnet, we get the login prompt. If we
use any valid login name & password combination (including root), we get
the response "Login incorrect" and then the login prompt comes back.
How
2000 Sep 04
1
Hm, dispatch protocol error
I've been getting a few locked sessions (unable to ctrl-c, ctrl-z it) with
the message:
Hm, dispatch protocol error: type 20 plen 136
I've never seen this message before openssh-SNAP-2000082900, and it's only
happened when connected to SSH 2.3.0, from openssh-SNAP-2000082900. Both
machines are mips-sgi-irix6.5.
Anybody care to explain what it means? Is it a known bug?
-jf
2003 Oct 23
1
Help on pam authentication with Openssh3.7.1p2
Hi all:
I have recentely update to openssh3.7.1p2, the my pam authentication
broken. I have followed the advice to modify my configuration file
sshd_conf and set UsePAM yes PasswordAutentication no
ChallengeResponseAuthentication yes
but it still doesn't work.I have modified pam.conf to this.
sshd auth requiste pam_authtok_get.so.1
sshd auth required pam_dhkeys.so.1
sshd auth sufficient...
2007 Oct 31
1
pam_close_session for ssh as root
Hello,
I have a question.
Why do I have pam_close_session with every user but not with root?
Can I configure this in sshd_conf?
Best regards
Karl-Heinz Delzeit
2008 Mar 20
1
ForceCommand and ~/.ssh/rc
Hi,
As I understand the "ForceCommand" in the sshd_confing file is meant to
ignore any command supplied by the client, but if user's home is shared by
server and client machines over network (ex. NFS) then user can still put
something else into ~/.ssh/rc file and overcome this limitation. Is it
possible to disable execution of the ~/.ssh/rc file in...
2010 Jul 14
1
SFTP Chroot
HI:
I tried to deploy a SFTP server with chroot but when i tried to connnect the
client send the next error:
Write failed: Broken pipe
Couldn't read packet: Connection reset by peer
The sshd_conf file is the next:
-------------------------------------------------------------------
# Package generated configuration file
# See the sshd_config(5) manpage for details
# What ports, IPs and protocols we listen for
Port 22
# Use these options to restrict which interfaces/protocols sshd will bind...
2008 Mar 23
1
openssh-unix-dev Digest, Vol 59, Issue 12
...ar 22, 2008, at 3:32 PM, openssh-unix-dev-request at mindrot.org wrote:
> Date: Thu, 20 Mar 2008 18:19:02 -0400
> From: "Mikhail Terekhov" <termim at gmail.com>
> Subject: ForceCommand and ~/.ssh/rc
>
> Hi,
>
> As I understand the "ForceCommand" in the sshd_confing file is
> meant to
> ignore any command supplied by the client, but if user's home is
> shared by
> server and client machines over network (ex. NFS) then user can
> still put
> something else into ~/.ssh/rc file and overcome this limitation. Is it
> possible to di...
2004 Jul 21
1
ssh and root on 4.10 = password discovery (maybe)
Hello. I'm not 100% sure if this is a configuration error on my side or
a 'bad idea' on sshd/FreeBSD sides.
A remote root ssh connection to a FreeBSD 4.10 server (with no remote
root access) will allow you to 'work out' the root password. However, if
you try the same against 5.2.1 FreeBSD, you have little chance. The
following are pretty clear examples.
If this is a config
2022 Apr 11
1
server gave bad signature for RSA key 0 - ?
Hi guys.
Anybody has seen something like this from 'ssh' and care to
comment?
-> $ ssh 10.0.1.6
(root at 10.0.1.6) Password:
client_global_hostkeys_private_confirm: server gave bad
signature for RSA key 0: error in libcrypto
I have virtually identical c8 Stream boxes and only one
gives out this message. I regen keys but that changed nothing.
many thanks, L.
2002 Mar 26
1
[Bug 185] --with-ipv4-default breaks X11-forwarding on HP-UX 10.20
http://bugzilla.mindrot.org/show_bug.cgi?id=185
------- Additional Comments From koenig at science-computing.de 2002-03-27 01:28 -------
I found a possible workaround for my problem: adding
X11UseLocalhost no
in sshd_conf for HP-UX 10.20 avoids the X11-forwarding problems.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Jul 23
0
Passwordless login for root
Hello:
Can anyone show me direction on how to config the
sshd_conf and ssd_conf file so that I can remotely
login to other machine without typing any password
(for root user)?
I am using the openssh as default in Red Hat 7.3. I
have set the machine IP/user name in the files:
/root/.shosts, /etc/ssh/shosts.equiv,
/etc/hosts.equiv. But it is still fail!
Thanks a l...
2003 Sep 26
1
openssh-3.7.1p2: no pam_close_session() invocation
...0;
}
I guess that the forked child process that calls the sshpam_cleanup()
function is forked before the parent calls do_pam_session() (which sets
sshpam_session_open to true).
pam_close_session() will be invoked by removing surrounding if-statement.
Is this a bug?
My changes to the default sshd_conf are:
72c72
< UsePAM yes
---
> #UsePAM yes
83c83
< UsePrivilegeSeparation no
---
> #UsePrivilegeSeparation yes
96c96
< #Subsystem sftp /local/libexec/sftp-server
---
> Subsystem sftp /local/libexec/sftp-server
By the way: This is a bug in the documentation: The d...
2002 May 08
0
[Bug 237] New: Key authentication failed with SSH 2 / Path wrong
...cleanup 0x33ecc(0x0)
It seems that it doesn't "recognise" correctly SSH 2 and that the 'path' to the
keys (public & private) are wrong.
I've also noticed that it seems to skip completely the file "authorized_keys"
even I specify it "as it is" in sshd_conf!
I didn't finish completely the tests but apparently it's working fine with
OpenSSH rel. < 3.
Thanks in advance and do not hesitate if you need more informations.
Kind Regards,
S.G.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are wa...
2003 Aug 19
3
splitting big authorized_keys files
...~/.ssh/authorized_keys file has about 15000
entries.
With about 300 characters per line I'd get 4,5 MB of data.
I believe that this length of file could lead to performance issues; so I'm
looking for solutions.
I already saw the possibility of using "%u" or "%h" in
sshd_conf/AuthorizedKeysFile; but that's system-wide and not for this one
user.
And %u wouldn't differentiate between my users, as the target-user is always
the same.
One solution would be to have a %2p, which would take 2 characters of the
public-key (preferably the last two - the first two won&...
2008 Mar 24
1
ForceCommand and NFS-shared home directories
> > On Mar 22, 2008, at 3:32 PM, Chris Wilson wrote:
> >
> >> As I understand the "ForceCommand" in the sshd_confing file is meant to
> >> ignore any command supplied by the client, but if user's home is shared
> >> by server and client machines over network (ex. NFS) then user can
> >> still put something else into ~/.ssh/rc file and overcome this
> >> limitation. Is it...