[olug] openssh

Vincent vraffensberger at home.com
Sun Sep 10 02:11:17 UTC 2000


ktb wrote:
> 
> On Sat, 09 Sep 2000, you wrote:
> > Does anyone here know openssh really well?  I've installed it on about
> > 30 systems.  All the installs are identical and were done with a script
> > I wrote.  Hostbased authentication works between them (except for 1),
> > but password authentication always fails.  I've read every doc and man
> > page and have tried dozens of things without success.  I can't find a
> > decent troubleshooting doc or FAQ...
> 
> I don't know openssh well but I can walk through the steps for my
> install and maybe it will jog something for you.
> 
> I run sshd on my firewall.
> I ran ssh-keygen within the /root directory of one of my internal
> computers on my network
> I then copied /root/.ssh/identity.pub from my internal computer to
> /root/.ssh/authorized_keys on my firewall
> 
> Now as root on my internal when I run ssh <firewall>  I get the
> following prompt -- "Enter passphrase for RSA key 'root at redhat':"
> 
> If  I log in from my internal from my user home directory to my firewall
> I get  the prompt -- "[redhat:~]$ ssh firewall
>                               kent at firewall password:"
> I don't get the passphrase key but I'm listed in
> ~/kent/.ssh/known_hosts on my firewall, so I get the prompt to enter a
> password.
> 
> I've set up the same thing with my computer from work except I used the
> user directories instead of the root directorys so I get RSA
> authentication from work also.
> 
> If I remember right RSA authentication didn't work the first time I
> logged in but recognized me the second time.
> 
> This may be a stupid way of setting things up but it is my first step
> in learning this program.  If I'm doing something real stupid here I
> wouldn't mind someone telling me so:)
> hth,
> kent
> 
> ________________________________________________________________

There's nothing wrong with the way you are doing it.   There are quite a
few ways to authenticate.  I'm starting to think my problem is related
to pam, I'll run things in debug mode a few time and see what I come up
with.  As I said, hostbased authentication works, but not password...

---------------------------------------------------------------------
To unsubscribe, e-mail: olug-unsubscribe at bstc.net
For additional commands, e-mail: olug-help at bstc.net



More information about the OLUG mailing list