Displaying 20 results from an estimated 200 matches similar to: "hostbased authentication problem in 3.4"
2002 Aug 07
0
[Bug 382] New: Privilege Separation breaks HostbasedAuthentication
http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=382
Summary: Privilege Separation breaks HostbasedAuthentication
Product: Portable OpenSSH
Version: -current
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at
2003 Dec 07
1
hostbased failing and can't derive reason of failure in debugging output
Hello,
I've troubles getting the hostbased method to work. I've given up on
system-to-system for now (different versions), and I'm just trying to
debug localhost. As far as I can see, the key is accepted, but then a
sudden "Failed hostbased" is returned:
[...]
debug3: mm_answer_keyallowed: key 0x8099bc0 is disallowed
debug3: mm_append_debug: Appending debug messages for
2002 Jul 16
0
[Bug 356] New: 3.4p1 hostbased authentication between Linux and Solaris
http://bugzilla.mindrot.org/show_bug.cgi?id=356
Summary: 3.4p1 hostbased authentication between Linux and Solaris
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
2002 Jul 19
1
OpenSSH 3.4p1 hostbased auth - howto?
How do you enable hostbased authentication in OpenSSH?
I have two Red Hat 7.3 machines running openssh-3.4p1, and I would like to
be able to ssh from either of the machines to the other, as any user,
without using passwords or per-user keys.
My /etc/ssh/sshd_config contains:
[...]
IgnoreRhosts no
HostbasedAuthentication yes
[...]
My /etc/ssh/ssh_config contains:
[...]
2003 Feb 05
0
openssh 3.5p1 hostbased authentication
hello,
i did some debugging today, here is the weird portion form sshd -d -d -d
debug1: userauth-request for user jholland service ssh-connection method
hostbased
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method hostbased
debug1: userauth_hostbased: cuser jholland chost i2-0. pkalg ssh-dss slen
55
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
2002 Jun 28
2
ssh_rsa_verify: RSA_verify failed: error:
Host based authentication does not seem to be working for us after
upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at
0.96d). Any time we try to connect from another unix box also running
openssh-3.4p1, we get the following error (on the server side) and host
based auth fails (it falls back to password prompt).
sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:
2002 Aug 12
1
PermitRootLogin=forced-commands-only does not work with UsePrivilegeSeparation=yes
Using openssh-3.4p1 on Linux I noticed that PermitRootLogin=forced-commands-only
does not work if UsePrivilegeSeparation is enabled; but it does work if privsep
is disabled.
Here are excerpts of debug from the server.
-----------UsePrivilegeSeparation DISABLED-------
...
Found matching DSA key: 56:9d:72:b0:4f:67:2e:ed:06:e7:41:03:e2:86:52:0d^M
debug1: restore_uid^M
debug1: ssh_dss_verify:
2001 Apr 25
0
Case study of new possibilities with PartialAuth and HostbasedAuth
Finally all the pieces are in place to allow strong user and host
authentication with SSH2 and the latest OpenSSH code (plus my partial auth
patch). Herein I describe one problem case, and a possible solution thereof.
Target: Allow user logins from host charles to host steve using passwords
Previously, you would have had to trust the IP headers to authenticate
charles. If charles had a
2001 Sep 26
3
OpenSSH 2.9.9
OpenSSH 2.9.9 has just been uploaded. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH 2.9.9 fixes a weakness in the key file option handling,
including source IP based access control.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
This release contains many portability
2001 Jul 27
0
Updated ssh-keyscan patch for ssh2 support
In the past 2 months another change occurred in the CVS code that
broke my ssh-keyscan patch. Here's an updated version that tweaks the
changed name (in the Kex struct) and also causes an attempt to grab an
ssh2 key from an older server (without ssh2 support) to fail earlier
and without an error message (Stuart Pearlman emailed me some code for
this).
This patch is based on the BSD CVS
2002 Aug 01
0
[Bug 376] New: HostbasedAuthentication, followed snailbook but not working! :-(
http://bugzilla.mindrot.org/show_bug.cgi?id=376
Summary: HostbasedAuthentication, followed snailbook but not
working! :-(
Product: Portable OpenSSH
Version: -current
Platform: UltraSparc
URL: http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-
2003 Jul 06
1
OpenSSH_3.6.1p2 (Gentoo Linux build) hangs on SSH2_MSG_SERVICE_ACCEPT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi there,
One of our customer is experiencing a strange hang on their ssh server which
I updated last night for him and rebuilt from the Gentoo port (this happened
before and after the update). I can trigger it from a fresh boot by logging
once or twice as root with an RSA key, then trying to log in as a regular
user, getting the password wrong, and
2015 May 30
8
Call for testing: OpenSSH 6.9
Debian GNU/Linux 8.0 (jessie)
OpenSSL 1.0.1k
gcc (Debian 4.9.2-10) 4.9.2
"make tests" fails here:
/usr/src/INET/openssh/ssh-keygen -lf
/usr/src/INET/openssh/regress//t12.out.pub | grep test-comment-1234
>/dev/null
run test connect.sh ...
ssh connect with protocol 1 failed
ssh connect with protocol 2 failed
failed simple connect
Makefile:192: recipe for target 't-exec' failed
2003 Oct 06
1
unexpected behaviour in OpenSSH_3.7.1
Hi,
we have installed OpenSSH_3.7.1 in /usr/local. In our environment all
machines mount /usr/local via NFS and automounter from a server. Because
every machine should use its own keys (otherwise we had to export the
directory with root priviledges so that every machine could read the
private keys from /usr/local/etc/ssh), we created the keys in /etc/ssh
and modified the configuration files
2001 Feb 13
0
host based authentication in protocol version 2
Well, after trying repeatedly to get an ssh version 2 client to connect to
an openssh server as a trusted host, and searching throughout the Internet
and the openssh mailing list archives, I finally discovered the following
statement at http://www.snailbook.com/faq/trusted-host-howto.auto.html:
"Note that OpenSSH does not implement hostbased authentication in its
protocol 2 support."
2006 Oct 01
0
new error message in 4.4p1
I'm trying to understand why I'm getting a new error message
in 4.4p1, when 4.3p1 did not produce the error message. The
config files are the unchanged.
The new error in the log is
Failed hostbased for xxx from nnn.nnn.nnn.nnn
That is followed by the usual
Accepted hostbased for xxx from nnn.nnn.nnn.nnn
and the host based authentication continues to work correctly
despite the new
2001 Apr 25
0
Minor bug in HostbasedAuthentication
When using "HostbasedUsesNameFromPacketOnly yes", the ssh client sends the
hostname with a trailing dot, but the server does not strip off the
trailing dot when matching against .shosts et. al., or when looking up keys
in ssh_known_hosts2. This causes the host to not be found. Adding the
hostname with trailing dot to the config files "fixes" this, but I think
sshd should
2001 Oct 01
0
Couldn't obtain random bytes
I am trying to generate a ssh_known_hosts2 file, 2.9.9p2,
using:
ssh-keyscan -f list_of_hosts -t rsa > ssh_known_hosts.rsa
and
ssh-keyscan -f list_of_hosts -t dsa > ssh_known_hosts.dsa
but both commands fail almost immidiately with:
Couldn't obtain random bytes (error 604389476)
What could that mean?
Servers that I am aware of that I query is:
OpenSSH_2.5.1p2
OpenSSH_2.5.2p2
2004 Oct 05
1
compilation problem R2.0.0 Linux SuSE8.2 [incl. output] (PR#7264)
--=-=-=
Sorry, forgot to attach the file...
--=-=-=
Content-Type: application/zip
Content-Disposition: attachment; filename=pdcompilelog.zip
Content-Transfer-Encoding: base64
UEsDBBQAAAAIAImkRTGksC5Kaw8AACBOAAATABUAcGQuY29uZmlndXJlLm91dHB1dFVUCQADoeli
QY3pYkFVeAQA9AFkAOVcbY/bNhL+nl8hFAc0vcR2Nt1kgwJ3QLLrtm73JdjNHRb3xaApymYskapE
2001 Aug 08
1
AUTH_FAIL_MAX reached too early
This looks like a bug (ssh -v output from user included below).
AUTH_FAIL_MAX is reached before all supported authentication methods
are tried.
One possible solution is to count authentication failures separately
for each method tried, and disconnect if one fails more than
<configurable> times.
Btw: The exit status bug is fixed in the CVS version of OpenSSH, but
I'm not very