similar to: sshd_config file settings

https://bugzilla.mindrot.org/show_bug.cgi?id=1410 Summary: Correct UsePAM comment in sshd_config on Mac OS X Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: Other OS/Version: Mac OS X Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo:

Hi , I have two problems when i went through a) the man page of sshd_config and b) the comments quoted in sshd_config file itself. They are given below. a) >From the man page of sshd_config: "If UsePAM is enabled, you will not be able to run sshd(8) as a non-privileged user." I changed the permission of the hostkeys to a non-privileged user and tried to run sshd alongwith

http://bugzilla.mindrot.org/show_bug.cgi?id=843 Summary: sshd_config.5: add warning to PasswordAuthentication Product: Portable OpenSSH Version: 3.8p1 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: Documentation AssignedTo: openssh-bugs at mindrot.org

On Thu, Dec 18, 2014 at 2:01 AM, Damien Miller <...> wrote: > On Wed, 17 Dec 2014, Dmt Ops wrote: > >> vi /etc/ssh/sshd_config >> ... >> - ChallengeResponseAuthentication no >> + ChallengeResponseAuthentication yes >> + KbdInteractiveAuthentication yes >>

Hi, I have an auth module for PAM that I wrote a few years ago called pam_vsd.so. The idea is that a user must have a certain privilege before they can successfully authenticate. Without the privilege the PAM module will return PAM_PERM_DENIED. However I find that in OpenSSH 3.7.1p2, I can easily subvert this check simply by hitting return 3 times on connection i.e. [nick at localhost

http://bugzilla.mindrot.org/show_bug.cgi?id=647 Summary: Setting "UsePAM no" in sshd_config gives error if not config'ed w/ --with-pam Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: SunOS Status: NEW Severity: minor Priority: P4 Component: sshd

Hi, There are a few minor tweaks I would like to suggest regrading the recently added TrustedUserCAKeys section in sshd_config(5). TrustedUserCAKeys Specifies a file containing public keys of certificate authorities that are trusted sign user certificates for authentication. Keys are listed one per line, empty lines and comments starting with

Hi All, I noticed that if I put: AuthorizedKeysFile .ssh/authorized_keys in my sshd_config file, pub/priv key authentication no longer worked. I am using OpenSSH_5.4p1, OpenSSL 0.9.8n 24 Mar 2010 on Archlinux. Sam ****************** Here is my WORKING config ****************** Port 22 ListenAddress 0.0.0.0 Protocol 2 PermitRootLogin no PubkeyAuthentication yes #AuthorizedKeysFile

Hello, I have recently download and compiled version 3.7.1p2 of openssh, but am having authentication issues with it. I have been using 3.6.1p1 with no problems. Both versions were compiled on the same Solaris 8 host. That host uses ldap for its name service. Both were compiled using the same openssh config options: --prefix=/opt/openssh --with-pam --with-zlib=/opt/openssh/lib However, the

Hi, On Fri, Jan 9, 2015, at 10:48 AM, Tim Rice wrote: > My ssh_config has > Host * > HostbasedAuthentication yes > EnableSSHKeysign yes > NoHostAuthenticationForLocalhost yes > > NoHostAuthenticationForLocalhost is not necessary. > The one you are missing is EnableSSHKeysign. > > Additionally, you made no mention of your ssh_known_hosts files. Make > sure

I run OpenSSH on linux @ client which ssh /usr/local/bin/ssh ssh -v OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 @ server which sshd /usr/local/bin/sshd sshd -v unknown option -- V OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time]

Hello All, The attached patch allows openssh to specify which pam service name to authenticate users against by specifying the PAMServiceName attribute in the sshd_config file. Because the parameter can be included in the Match directive sections, it allows different authentication based on the Match directive. In our case, we use it to allow different levels of authentication based on the

http://bugzilla.mindrot.org/show_bug.cgi?id=719 Summary: pam auth not working the same way Product: Portable OpenSSH Version: -current Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: PAM support AssignedTo: openssh-bugs at mindrot.org ReportedBy:

Hello list, on a CentOS 6.4 machine I'm creating accounts with empty passwords. Each user's public key is located in <user's home>/.ssh/authorized_keys. When trying to ssh into that machine, following error message is displayed: Permission denied (publickey). In /etc/ssh/sshd_config I've set: PasswordAuthentication no UsePAM no If I set a password for the users, the

On Fri, Jan 09, 2015 at 12:22:00 -0800, grantksupport at operamail.com wrote: > @client > > as root (as before) > > ssh server.DOMAIN.COM > Permission denied (hostbased). > > instead, as my user, fails differently for some reason, > > ssh server.DOMAIN.COM > ... > no matching hostkey found for key ED25519

http://bugzilla.mindrot.org/show_bug.cgi?id=667 Summary: Openssh 3.7x, Windows ssh clients and Ldap don't play together Product: Portable OpenSSH Version: 3.7.1p1 Platform: ix86 OS/Version: Linux Status: NEW Severity: critical Priority: P2 Component: PAM support AssignedTo:

hi, i just noticed that my pam_tally config has stopped working. it used to work in 3.6.1p2, but since then hasn't. i configured openssh like so: ./configure --with-tcp-wrappers --with-pam --with-privsep-user=sshd --with-md5-passwords --with-ipaddr-display and i do have "UsePAM yes" set in sshd_config. i've tried and failed to get it to work with 3.7.1p2 and 3.8.1p1. i've

Hello everyone, We are setting up a server at work, and we have run into something that I am not sure how to resolve. We have set up sshd (OpenSSH server) on the machine. We have placed ssh keys into each user's home directory that needs to access the system (and they work). We want to disable everyone from logging in, using a password, utilizing ssh keys only to access the system. I have

I am trying to find out how I can use the new self-signed certificates So what I read in the man pages, it should be something like: client: 1) ssh-keygen -f ca_rsa # generate a ssh keypair for use as a certificate Server(s): 2) make sure your /etc/ssh/sshd_config has TrustedUserCAKeys assigned TrustedUserCAKeys /etc/ssh/sshcakeys # or whatever name or location you like 3) edit

Hi.? I have configured sshd in OpenBSD to require publickey authentication. I've tried configuring FreeBSD to do the same, but I can still login via keyboard authentication. Here are the options I have in my sshd_config: PasswordAuthentication no ChallengeResponseAuthentication no UsePAM no After setting those options I kill -HUP the sshd? process. Is there something simple I am missing?