Displaying 20 results from an estimated 1000 matches similar to: "hostbased failing and can't derive reason of failure in debugging output"
2002 Jun 28
1
hostbased authentication problem in 3.4
I am seeing the same issues as another recent post, hostbased
authentication in 3.4p1 not seeming to work. I tried the ssh-keysign.c
patch posted, didn't seem to fix the problem.
Details:
Solaris 7, OpenSSH 3.4p1, OpenSSL 0.9.6d
Key from client ssh_host_rsa_key.pub copied to server /etc/ssh/ssh_known_hosts2
with comma-separated client hostnames added to front and a blank space before
rest of
2003 Feb 05
0
openssh 3.5p1 hostbased authentication
hello,
i did some debugging today, here is the weird portion form sshd -d -d -d
debug1: userauth-request for user jholland service ssh-connection method
hostbased
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method hostbased
debug1: userauth_hostbased: cuser jholland chost i2-0. pkalg ssh-dss slen
55
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
2002 Aug 07
0
[Bug 382] New: Privilege Separation breaks HostbasedAuthentication
http://cvs-mirror.mozilla.org/webtools/bugzilla/show_bug.cgi?id=382
Summary: Privilege Separation breaks HostbasedAuthentication
Product: Portable OpenSSH
Version: -current
Platform: Sparc
OS/Version: Solaris
Status: NEW
Severity: major
Priority: P2
Component: sshd
AssignedTo: openssh-unix-dev at
2002 Jul 19
1
OpenSSH 3.4p1 hostbased auth - howto?
How do you enable hostbased authentication in OpenSSH?
I have two Red Hat 7.3 machines running openssh-3.4p1, and I would like to
be able to ssh from either of the machines to the other, as any user,
without using passwords or per-user keys.
My /etc/ssh/sshd_config contains:
[...]
IgnoreRhosts no
HostbasedAuthentication yes
[...]
My /etc/ssh/ssh_config contains:
[...]
2002 Jul 16
0
[Bug 356] New: 3.4p1 hostbased authentication between Linux and Solaris
http://bugzilla.mindrot.org/show_bug.cgi?id=356
Summary: 3.4p1 hostbased authentication between Linux and Solaris
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: major
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
2002 Aug 01
0
[Bug 376] New: HostbasedAuthentication, followed snailbook but not working! :-(
http://bugzilla.mindrot.org/show_bug.cgi?id=376
Summary: HostbasedAuthentication, followed snailbook but not
working! :-(
Product: Portable OpenSSH
Version: -current
Platform: UltraSparc
URL: http://groups.google.com/groups?dq=&hl=en&lr=&ie=UTF-
2002 Jun 28
2
ssh_rsa_verify: RSA_verify failed: error:
Host based authentication does not seem to be working for us after
upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at
0.96d). Any time we try to connect from another unix box also running
openssh-3.4p1, we get the following error (on the server side) and host
based auth fails (it falls back to password prompt).
sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:
2003 Oct 06
1
unexpected behaviour in OpenSSH_3.7.1
Hi,
we have installed OpenSSH_3.7.1 in /usr/local. In our environment all
machines mount /usr/local via NFS and automounter from a server. Because
every machine should use its own keys (otherwise we had to export the
directory with root priviledges so that every machine could read the
private keys from /usr/local/etc/ssh), we created the keys in /etc/ssh
and modified the configuration files
2015 Jan 09
5
OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
I run OpenSSH on linux
@ client
which ssh
/usr/local/bin/ssh
ssh -v
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
@ server
which sshd
/usr/local/bin/sshd
sshd -v
unknown option -- V
OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014
usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]
[-E log_file] [-f config_file] [-g login_grace_time]
2015 Jan 09
5
OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?
Hi,
On Fri, Jan 9, 2015, at 10:48 AM, Tim Rice wrote:
> My ssh_config has
> Host *
> HostbasedAuthentication yes
> EnableSSHKeysign yes
> NoHostAuthenticationForLocalhost yes
>
> NoHostAuthenticationForLocalhost is not necessary.
> The one you are missing is EnableSSHKeysign.
>
> Additionally, you made no mention of your ssh_known_hosts files. Make
> sure
2001 Aug 08
1
AUTH_FAIL_MAX reached too early
This looks like a bug (ssh -v output from user included below).
AUTH_FAIL_MAX is reached before all supported authentication methods
are tried.
One possible solution is to count authentication failures separately
for each method tried, and disconnect if one fails more than
<configurable> times.
Btw: The exit status bug is fixed in the CVS version of OpenSSH, but
I'm not very
2006 Oct 01
0
new error message in 4.4p1
I'm trying to understand why I'm getting a new error message
in 4.4p1, when 4.3p1 did not produce the error message. The
config files are the unchanged.
The new error in the log is
Failed hostbased for xxx from nnn.nnn.nnn.nnn
That is followed by the usual
Accepted hostbased for xxx from nnn.nnn.nnn.nnn
and the host based authentication continues to work correctly
despite the new
2002 Aug 12
1
PermitRootLogin=forced-commands-only does not work with UsePrivilegeSeparation=yes
Using openssh-3.4p1 on Linux I noticed that PermitRootLogin=forced-commands-only
does not work if UsePrivilegeSeparation is enabled; but it does work if privsep
is disabled.
Here are excerpts of debug from the server.
-----------UsePrivilegeSeparation DISABLED-------
...
Found matching DSA key: 56:9d:72:b0:4f:67:2e:ed:06:e7:41:03:e2:86:52:0d^M
debug1: restore_uid^M
debug1: ssh_dss_verify:
2001 Apr 25
0
Case study of new possibilities with PartialAuth and HostbasedAuth
Finally all the pieces are in place to allow strong user and host
authentication with SSH2 and the latest OpenSSH code (plus my partial auth
patch). Herein I describe one problem case, and a possible solution thereof.
Target: Allow user logins from host charles to host steve using passwords
Previously, you would have had to trust the IP headers to authenticate
charles. If charles had a
2001 Feb 13
0
host based authentication in protocol version 2
Well, after trying repeatedly to get an ssh version 2 client to connect to
an openssh server as a trusted host, and searching throughout the Internet
and the openssh mailing list archives, I finally discovered the following
statement at http://www.snailbook.com/faq/trusted-host-howto.auto.html:
"Note that OpenSSH does not implement hostbased authentication in its
protocol 2 support."
2001 Sep 26
3
OpenSSH 2.9.9
OpenSSH 2.9.9 has just been uploaded. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH 2.9.9 fixes a weakness in the key file option handling,
including source IP based access control.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
This release contains many portability
2010 Jun 04
0
Hostbased authentication with certificates
Greetings,
For those interested in using certificates with hostbased
authentication, I have just submitted an enhancement request[1] to the
OpenSSH bugzilla site with a preliminary patch that adds support for
this.
Despite the fact that hostbased authentication is, by default, disabled
for both the client and server, there are environments where hostbased
authentication can be very useful. One
2023 Nov 15
0
@cert-authority for hostbased auth - sans shosts?
On 11/15/23, 10:51 AM, "openssh-unix-dev on behalf of Marian Beermann" <openssh-unix-dev-bounces+iain.morgan=nasa.gov at mindrot.org <mailto:nasa.gov at mindrot.org> on behalf of public at enkore.de <mailto:public at enkore.de>> wrote:
On 11/15/23 18:09, Chris Rapier wrote:
> On 11/11/23 9:31 PM, Damien Miller wrote:
>
>> It's not discouraged so much as
2014 Mar 14
7
[Bug 2211] New: Too many hostbased authentication attempts
https://bugzilla.mindrot.org/show_bug.cgi?id=2211
Bug ID: 2211
Summary: Too many hostbased authentication attempts
Product: Portable OpenSSH
Version: 6.5p1
Hardware: All
OS: All
Status: NEW
Severity: enhancement
Priority: P5
Component: ssh
Assignee: unassigned-bugs at
2023 Nov 09
1
@cert-authority for hostbased auth - sans shosts?
Hi,
we're looking to reduce the number of host lists that
need to be kept in sync in our system. (There are quite a few of them
all over the place)
OpenSSH CAs are an obvious solution for not having to
keep all host keys in sync in /etc/ssh/known_hosts, however,
while OpenSSH does support using a CA in conjunction with hostbased
authentication,
it still requires a list of all authorized