From owner-freebsd-stable Sun Sep 24 21:49:15 2000 Delivered-To: freebsd-stable@freebsd.org Received: from front002.cluster1.charter.net (24-216-159-200.hsacorp.net [24.216.159.200]) by hub.freebsd.org (Postfix) with ESMTP id 44BFF37B424 for ; Sun, 24 Sep 2000 21:49:12 -0700 (PDT) Received: from [24.217.5.250] (HELO dave.uhring.com) by front002.cluster1.charter.net (CommuniGate Pro SMTP 3.2.4) with SMTP id 20617006; Mon, 25 Sep 2000 00:47:41 -0400 From: Dave Uhring To: Joakim Ryden Subject: RE: Login Date: Sun, 24 Sep 2000 23:41:28 -0500 X-Mailer: KMail [version 1.0.28] Content-Type: text/plain Cc: Daniel O'Connor , freebsd-stable@freebsd.org References: In-Reply-To: MIME-Version: 1.0 Message-Id: <00092423491001.09773@dave.uhring.com> Content-Transfer-Encoding: 8bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 24 Sep 2000, Joakim Ryden wrote: > Yesterday at 11:19pm Dave Uhring suggested: > > =>On Sun, 24 Sep 2000, Daniel O'Connor wrote: > =>> On 25-Sep-00 Joakim Ryden wrote: > =>> > I'm using OpenSSH as shipped, have HUP'ed, and am editing > =>> > the right file. ;-) That's why I got a bit stomped.. > =>> > =>> Hmm.. well all I can suggest is kill it and restart it :( > =>> > =>> --- > =>> Daniel O'Connor software and network engineer > =>> for Genesis Software - http://www.gsoft.com.au > =>> "The nice thing about standards is that there > =>> are so many of them to choose from." > =>> -- Andrew Tanenbaum > => > => > =>Are you running sshd on the other boxes? Have you set up > =>/root/.ssh/authorized_keys on those boxes? It is unnecessary to run sshd on > =>your 'master' box, but is essential to have sshd running on any client box to > =>which you wish to connect. Have you set up /root/.ssh/identity.pub or > =>/root/.ssh/id_dsa.pub on your 'master' box? > => > =>Dave > > I'm running sshd on all boxes. I haven't set up key files - > do you have to use RSA auth for root logins to work?? > > Joakim > If the client box doesn't have your public key in its /root/.ssh/authorized_keys file, it will be unable to generate the encrypted random number it needs to send for authentication. On each client box, mkdir /root/.ssh, cd /root/.ssh and ftp to the master box for /etc/ssh/ssh_host_key.pub placing it in authorized_keys. If you wish to do DSA authentication then get your master box's /etc/ssh/ssh_host_dsa_key.pub and put it into the authorized_keys(2)(?) file. Not sure here, I use only RSA. In my experience, login generally fails using the password authentication. Placing your master box's public key in authorized_keys works. Dave To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message