[Fwd: Re: [olug] SSH config]

Thom Harrison id4spam at cox.net
Thu Apr 1 01:51:51 UTC 2004


 From a "man ssh_config"

     PreferredAuthentications
             Specifies the order in which the client should try protocol 2
             authentication methods.  This allows a client to prefer one
             method (e.g.  keyboard-interactive) over another method (e.g.
             password) The default for this option is:
             ``hostbased,publickey,keyboard-interactive,password''.

This is actually defined in /etc/ssh/ssh_config ( or 
$HOME/.ssh/ssh_config ).

The order is defined by the client rather than the ssh server.

Thom


-------- Original Message --------
Subject: 	Re: [olug] SSH config
Date: 	Wed, 31 Mar 2004 19:43:25 -0600
From: 	Thom Harrison <id4spam at cox.net>
To: 	Omaha Linux User Group <olug at olug.org>
References: 	<s06a6f56.081 at groupwise.mpsomaha.org>



My password based login used keyboard-interactive ( not password ).  In 
fact, password isn't even in my list of Authentications.
I wonder if password represents ldap or keberos authentication (?)

Thom
----------------------------------


debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /root/.ssh/identity
debug1: Trying private key: /root/.ssh/id_rsa
debug1: Trying private key: /root/.ssh/id_dsa
*debug1: Next authentication method: keyboard-interactive
Password: XXXXXXXXX
debug1: Authentication succeeded (keyboard-interactive).*
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Requesting X11 forwarding with authentication spoofing.
Last login: Wed Mar 31 19:15:05 2004 from 192.168.1.1
Have a lot of fun...
linux:~ # exit

I liked the following quote so much I stole it...

The computer said to install Windows 98/NT/2000 or better...
So I installed Linux.  



Craig Wolf wrote:

>Well, I tried it with the -vvv method and I don't understand what it returned:
>debug3: packet_send2: adding 32 (len 22 padlen 10 extra_pad 64)
>debug1: Authentications that can continue: publickey,password,keyboard-interactive
>debug2: userauth_kbdint
>debug2: we sent a keyboard-interactive packet, wait for reply
>debug1: Authentications that can continue: publickey,password,keyboard-interactive
>debug2: userauth_kbdint
>debug2: we sent a keyboard-interactive packet, wait for reply
>debug1: Authentications that can continue: publickey,password,keyboard-interactive
>debug2: we did not send a packet, disable method
>debug3: authmethod_lookup password
>debug3: remaining preferred:
>debug3: authmethod_is_enabled password
>debug1: Next authentication method: password
>bjpoole at XXX.XXX.XXX.XXX's password:
>debug3: packet_send2: adding 64 (len 60 padlen 4 extra_pad 64)
>debug2: we sent a password packet, wait for reply
>debug1: Authentications that can continue: publickey,password,keyboard-interactive
>Permission denied, please try again.
>
>Can someone help me understand what it is saying other than permission denied?  
>Craig sends...
>
>  
>
>>>>Vincent.Raffensberger at dtn.com 03/30/04 22:47 PM >>>
>>>>        
>>>>
>Try running your client with multiple -v arguments for debug output.. ie.. 
> ssh -vvv
>Check your sshd logs and possibly run sshd with multiple -d options for 
>debugging too.
>
>You'll probably find a clue to your problem somewhere in all of that 
>output.
>
>
>
>
>
>"Craig Wolf" <cjwolf at mpsomaha.org> 
>Sent by: olug-bounces at olug.org
>03/30/2004 05:10 PM
>Please respond to
>Omaha Linux User Group <olug at olug.org>
>
>
>To
><olug at olug.org>
>cc
>
>Subject
>Re: [olug] SSH config
>
>
>
>
>
>
>I am able to SSH into my Linux server at my side gig but I am not able to 
>login as a user I just setup on the system.  I keep getting access denied. 
> After researching(google) for info on what could be wrong, I saw that my 
>name is in the sshd_config as "AllowedUser" so I added the other user but 
>I am still getting the access denied when I try to login as him.  I have 
>restarted SSHD but no go.  I just need to rectify this.  He wanted me to 
>open ftp to him and I refused and said to use SCP through SSH.
>
>Craig Wolf
>Linux Web Server Support
>Desktop/Network Specialist
>402-894-6283
>
>  
>
>>>>roberson at olug.org 03/30/04 14:30 PM >>>
>>>>        
>>>>
>
>you lost me... why do you think you need to add a user to sshd_config ?
>
>On Tue, Mar 30, 2004 at 10:39:51AM -0600, Craig Wolf wrote:
>  
>
>>I am stumped.  I have added a user to the sshd_config file as allowed 
>>but I am unable to login as that user to ssh........what did I miss?? 
>>I can login fine still but he cannot......
>>BTW: HP Proliant DL350 server running SuSE 9.0
>>
>>TIA!!
>>
>>Craig Wolf
>>Linux Web Server Support
>>Desktop/Network Specialist
>>402-894-6283
>>
>>
>>_______________________________________________
>>OLUG mailing list
>>OLUG at olug.org
>>http://lists.olug.org/mailman/listinfo/olug
>>    
>>
>_______________________________________________
>OLUG mailing list
>OLUG at olug.org
>http://lists.olug.org/mailman/listinfo/olug
>
>_______________________________________________
>OLUG mailing list
>OLUG at olug.org
>http://lists.olug.org/mailman/listinfo/olug
>
>_______________________________________________
>OLUG mailing list
>OLUG at olug.org
>http://lists.olug.org/mailman/listinfo/olug
>
>_______________________________________________
>OLUG mailing list
>OLUG at olug.org
>http://lists.olug.org/mailman/listinfo/olug
>
>  
>


-- 
I liked the following quote so much I stole it...

The computer said to install Windows 98/NT/2000 or better...
So I installed Linux.  



More information about the OLUG mailing list