[olug] openssh

ktb x.y.f at home.com
Sat Sep 9 17:57:14 UTC 2000


On Sat, 09 Sep 2000, you wrote:
> Does anyone here know openssh really well?  I've installed it on about
> 30 systems.  All the installs are identical and were done with a script
> I wrote.  Hostbased authentication works between them (except for 1),
> but password authentication always fails.  I've read every doc and man
> page and have tried dozens of things without success.  I can't find a
> decent troubleshooting doc or FAQ...


I don't know openssh well but I can walk through the steps for my
install and maybe it will jog something for you.

I run sshd on my firewall.  
I ran ssh-keygen within the /root directory of one of my internal
computers on my network
I then copied /root/.ssh/identity.pub from my internal computer to
/root/.ssh/authorized_keys on my firewall

Now as root on my internal when I run ssh <firewall>  I get the
following prompt -- "Enter passphrase for RSA key 'root at redhat':"

If  I log in from my internal from my user home directory to my firewall
I get  the prompt -- "[redhat:~]$ ssh firewall
                              kent at firewall password:"
I don't get the passphrase key but I'm listed in
~/kent/.ssh/known_hosts on my firewall, so I get the prompt to enter a
password.

I've set up the same thing with my computer from work except I used the
user directories instead of the root directorys so I get RSA
authentication from work also.

If I remember right RSA authentication didn't work the first time I
logged in but recognized me the second time.

This may be a stupid way of setting things up but it is my first step 
in learning this program.  If I'm doing something real stupid here I
wouldn't mind someone telling me so:)
hth,
kent

________________________________________________________________
"Neurosis is the way of avoiding non-being by avoiding being." -
Paul Tillich, American theologian (1886-1965).

---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net



More information about the OLUG mailing list