Displaying 20 results from an estimated 90000 matches similar to: "keyboardinteractive default"
2014 Nov 07
2
[Bug 2309] New: change default PreferredAuthentications order
https://bugzilla.mindrot.org/show_bug.cgi?id=2309
Bug ID: 2309
Summary: change default PreferredAuthentications order
Product: Portable OpenSSH
Version: 6.7p1
Hardware: Other
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at
2010 Jan 21
6
[Bug 1702] New: PreferredAuthentications setting doesn't work when spaces are used as documented
https://bugzilla.mindrot.org/show_bug.cgi?id=1702
Summary: PreferredAuthentications setting doesn't work when
spaces are used as documented
Product: Portable OpenSSH
Version: 5.3p1
Platform: Other
OS/Version: Mac OS X
Status: NEW
Severity: normal
Priority: P2
Component: ssh
2007 Feb 27
1
What would cause keyboard-interactive packet connection close
Hi,
I've got a remote system that was down and came back up. I'm
trying to get into the system, but when I do I get timed out. I
forced it to a keyboard interactive to speed things up:
ssh -o PreferredAuthentications=keyboard-interactive -vvv tuc at 10.2.0.2
but I get :
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done:
2001 May 08
1
HostbasedAuthentication, and my sillyness
Maybe I just can't read properly, but I just spent the best part of a
day trying to work out why HostbasedAuthentication wouldn't work for
me (with protocol 2 in openssh-2.9p1).
It seems (though maybe there is something wrong with my install), that
after enabling it in the sshd_config it doesn't work, since the client
will not in fact request it (by default).
I was fooled by the
2004 Jun 01
1
Sending immediate PAM auth failure messages via kbd-int
Hi.
One thing that people seem to want to do with PAM is to deny a login
immediately without interacting but return a message to the user. (Some
platforms implement, eg, /etc/nologin via PAM this way.) Currently, sshd
will just deny the login and the user will not be told why.
Attached it a patch that return a keyboard-interactive packet with the
message in the "instruction"
2001 Jun 26
1
OpenSSH 2.9p2 with PAMAuthenticationViaKbdInt
When using PAM to do password authenticaion the attempt/failure counter
appears to be getting confused. This is using a rh62 system with the
openssh-2.9p2-1 rpms...
On the client side...
[matthewm at toadhall (7) matthewm]$ grep Auth /etc/ssh/ssh_config
RhostsAuthentication no
RhostsRSAAuthentication no
HostbasedAuthentication no
RSAAuthentication no
PubkeyAuthentication yes
2002 Jan 07
1
Non-root hostname auth problem
All:
I have a problem connecting Openssh 3.0.2p1 on Solaris 8 using hostname
authentication for non-root users. When I connect to the sshd from a
second machine as root it works fine using HostbasedAuthentication, but it
always fails with non-root users.
I suspect that I am having a permissions problem somewhere, but I'll be
damned if I can figure out where.
Any and all help
2002 Nov 15
3
apparent ssh_config fascism
It appears that /etc/ssh/ssh_config enforces policy on local users in
addition to its documented role as provider of defaults.
$ ssh -V
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
$ cat .ssh/config
Host localhost
HostbasedAuthentication yes
PreferredAuthentications hostbased
$ ssh localhost
Hostbased authentication not enabled in /etc/ssh/ssh_config
ssh_keysign: no reply
2014 Dec 18
4
chaining AUTH methods -- adding GoogleAuthenticator 2nd Factor to pubkey auth? can't get the GA prompt :-/
I have sshd server
sshd -V
...
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
...
running on linux/64
with
cat sshd_config
...
PubkeyAuthentication yes
PasswordAuthentication no
ChallengeResponseAuthentication no
2013 Nov 12
0
OpenSSH 6.4 connection to Cisco 6506 routers/switches fails
Just upgraded to OpenSSH_6.4 with OpenSSL 1.0.1e and libz.so.1.2.8.
Now some (but not all) Cisco router logins hang:
kraken> ssh -vv -l noc XXX-mgmt.gw
OpenSSH_6.4, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 50: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to XXX-mgmt.gw [10.12.0.1] port 22.
2002 Aug 01
0
[Bug 376] New: HostbasedAuthentication, followed snailbook but not working! :-(
http://bugzilla.mindrot.org/show_bug.cgi?id=376
Summary: HostbasedAuthentication, followed snailbook but not
working! :-(
Product: Portable OpenSSH
Version: -current
Platform: UltraSparc
URL: http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-
2001 Nov 15
1
ssh -2 and hostbasedauth
Hi,
I'm trying to figure out how to read OpenSSH's log files (to assist
our people in diagnosing "why is it always asking me for passwords").
All clients and servers are 3.0p1.
First: server does not have the client's RSA2 key in known_host.
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got
2004 Aug 21
1
openssh-unix-dev Digest, Vol 16, Issue 9
Hello,
We tested OpenSSH 3.9 in Hp-UX platforms for Passwordauthentication
under PAM modules. We started the SSH Daemon with following settings:
Usepam yes
ChallengeResponseAuthentication yes
passwordauthentication yes
The client is invoked with ssh -o'Passwordauthentication yes' localhost
-vvv. The debug traces shows that the authentication suceed as
keyboard-interactive.
2008 Jan 16
4
x509 patch for SSH
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi guys,
been trying the x509 patch for ssh from Roumen, it works great.
However, I can't figure out couple of things, and been trying to solve
it for couple of days already.
I'am using OpenSSH_4.7p1-hpn12v19, OpenSSL 0.9.8g
with 6.1 version of your patch.
The serverside hostkey is configured correctly, to present x509v3-sign-rsa
dynowork
2002 Jun 26
3
pam session as root
Beyond any more general questions of whether pam sessions *should* be
run as root, is there an immediate security concern with moving the
pam_open_session (and pam_setcred) stuff to the parent (root) process?
(E.g., via the patch below.)
--
Mike Stone
diff -u -r1.4 auth-pam.c
--- auth-pam.c 25 Jun 2002 00:45:33 -0000 1.4
+++ auth-pam.c 25 Jun 2002 20:33:41 -0000
@@ -286,6 +286,8 @@
2015 Jan 15
3
OpenSSH v6.7 & NumberOfPasswordPrompts Option ...
Yes, I have tried that option with no difference in behavior. It seems it ignores that option when provided. Just for reference, I am building it on RedHat 5. I have never had this issue on any previous version of OpenSSH. I use the default configuration with only the changes specified in the RHEL 5 STIG applied.
I appreciate the security advice. The root account was indicated simply as an
2002 Mar 18
0
[Bug 171] New: Banner /etc/issue.net (default) not displaying with Protocol 2
http://bugzilla.mindrot.org/show_bug.cgi?id=171
Summary: Banner /etc/issue.net (default) not displaying with
Protocol 2
Product: Portable OpenSSH
Version: 3.1p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo:
2014 Dec 18
3
chaining AUTH methods -- adding GoogleAuthenticator 2nd Factor to pubkey auth? can't get the GA prompt :-/
On Thu, Dec 18, 2014 at 2:01 AM, Damien Miller <...> wrote:
> On Wed, 17 Dec 2014, Dmt Ops wrote:
>
>> vi /etc/ssh/sshd_config
>> ...
>> - ChallengeResponseAuthentication no
>> + ChallengeResponseAuthentication yes
>> + KbdInteractiveAuthentication yes
>>
2003 Sep 12
1
Agent Forwarding Anomalies on OpenBSD 3.3/OpenSSH 3.6.1
I have a curious situation with four OpenBSD 3.3 hosts.
Each of these has public/private keys on each other for inter-host
authentication using RSA2 keys.
For instance, they're called hostA-to-hostBCD, hostB-to-hostACD,
hostC-to-hostABD, and hostD-to-hostABC.
The sshd_config files, on each host, look as follows...
#;
#; /etc/ssh/sshd_config
#;
Port 22
Protocol 2
ListenAddress
2001 Mar 28
5
Initial patch to implement partial auth with SSH2
Attached is a patch which adds a new config option, AuthOrder2, to
sshd_config.c. The syntax is:
AuthOrder2 AuthMethod1[:SubAuthMethod1[:SubAuthMethod2...]][,AuthMethod2...]
An example, requiring users to enter a public key _and_ a password, in that
order:
AuthOrder2 publickey:password
The current default behaviour:
AuthOrder2 password,publickey,keyboard-interactive
Require a public key,