From nobody Tue Jan 30 04:32:05 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPC1k2ydfz58DcS for ; Tue, 30 Jan 2024 04:32:10 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from seahorse.cherry.relay.mailchannels.net (seahorse.cherry.relay.mailchannels.net [23.83.223.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPC1h3VBwz4MmN for ; Tue, 30 Jan 2024 04:32:08 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=LSVKhtPr; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.223.161 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id B718B83B24 for ; Tue, 30 Jan 2024 04:32:06 +0000 (UTC) Received: from pdx1-sub0-mail-a269.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 5EA39839E1 for ; Tue, 30 Jan 2024 04:32:06 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706589126; a=rsa-sha256; cv=none; b=XK9xqmiO36wvjFdjnNTs5nk/WysgU5oP6RRDwGVRPPZfLVWExg53AwllO8+wgmnABkmBV3 nnOAT/JFuwYV0L3wcC21USs2yDQenIapswhovKMeFDjkylXdBSZ1o7N41Kzjkp9WfpazN9 4TJey5/Ia44tAoM1FxsjGCe/fz1LctrWwg7Ju8AGs0L+MrbXPgq6K72IKr6/YIA4T/76yb Iehl4zUtaYICEXteVK9pEmmr0x6yPYvlcwEjeHWkzDlXHENvgY1G/NYV1//HEfNghBYSeC NNbHC31yL1XAIJPk4EOAz/RqgPyhw1Ob58iWZmtNMZlp9wv76PFbRQTJG4kVEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706589126; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:dkim-signature; bh=1+UxYmn4b0UJivCmmeZKvUhHoYO38uMY0t58eFRk8Ro=; b=pbPYiz7r4FhdqR6bLSBEtsik8UQGs1eIMyz1V1uB/B1zfnn85r9ZUxoM4YRf/1+/QJ9jR4 AIYLy9K9i5J2fZMs5zW7LjR1AjtuG4+P42eExaROig9VaSKZXH7Y8P0dUCddlvQ1SGFYMR VgAdJBJngrUp5QTYb3v+Tpo20eZ0Hg4A0+7MCulmVH7cl8zH/ii1tahBl225+ofe6UELne Y5orwiyJHIU8IGRqY0vM3bM572sDsUXPwV3kBd44PdKgSNur0HKzDwyqrzf1zJg4I6JAYq DRjbe8ueJchV3DXOTntXQ47jUEt2cZPaaMNNfCpl6pD9bfRp5iVbHciyt99VLQ== ARC-Authentication-Results: i=1; rspamd-6fdd97fffb-btctq; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Whimsical-Society: 279dfad059d3c61e_1706589126603_190849580 X-MC-Loop-Signature: 1706589126603:3221264587 X-MC-Ingress-Time: 1706589126603 Received: from pdx1-sub0-mail-a269.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.110.105.71 (trex/6.9.2); Tue, 30 Jan 2024 04:32:06 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a269.dreamhost.com (Postfix) with ESMTPSA id 4TPC1f1cJxz4g for ; Mon, 29 Jan 2024 20:32:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706589126; bh=1+UxYmn4b0UJivCmmeZKvUhHoYO38uMY0t58eFRk8Ro=; h=Date:From:To:Subject:Reply-To:Content-Type; b=LSVKhtPrGDifQw3TH4VeOmS4Vy9OpceFE7pz9aIHP2rwfBppvc+WxyGmGhOEGIYKi WwsDthJ5VUfjlrSsrkL27YroMcNf1GwlbzaUdyZ6d1VI2xIZNlBnnAIuoHl9R8ENis cFLwzycL9kvlrZIYX55qTKuDI5o8+kMKC4ZLrQ+tXaY6EWJzOJvaxhzLnCKLx7cbay FYHcfcKxoeR6mFww2rnO4bONey01xC4f4ldM5sRM7oksJ5lbIrmRUGubdyUE7fmI2X qt5q8ei5S9tEOrWfKwd+4e19ubcegiSPbb3hpdU1mZLQ1GkRJ68OrRybeJvjTbhwYk iUjuOS3vPZTMQ== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rUfn3-000Esn-0X for freebsd-questions@freebsd.org; Mon, 29 Jan 2024 23:32:05 -0500 Date: Mon, 29 Jan 2024 23:32:05 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Enabling SSD Message-ID: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com Mail-Followup-To: freebsd-questions@freebsd.org List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.60 / 15.00]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[23.83.223.161:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[quillandmouse.com:+]; DMARC_NA(0.00)[quillandmouse.com]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.161:from]; RCVD_COUNT_FIVE(0.00)[5]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TPC1h3VBwz4MmN Folks: Fresh install of FreeBSD 14. The following changes in /etc/ssh/sshd_config: LogLevel DEBUG PermitRootLogin yes PubkeyAuthentication no PasswordAuthentication yes KbdInteractiveAuthentication no No modifications have been made to other files, including the PAM files. My intent is to insist on password, not public key authentication. Root login is more or less irrelevent, just convenient. Regardless of edits to the file, or which user, attempts to login from elsewhere on the LAN fail. The response on the client side: I'm not asked for a password at all. The connection just closes. This client has consistently been able to SSH into other Linux clients on this LAN. It's based on the latest Debian, so it's particularly out of date. Here are the relevant lines from auth.log: Jan 30 03:24:22 buckaroo sshd[3121]: Connection from 192.168.254.20 port 60568 on 192.168.254.30 port 22 Jan 30 03:34:22 buckaroo sshd[3121]: Connection closed by authenticating user paulf 192.168.254.20 port 60568 [preauth] The last line puzzles me. Does this mean that the *client* closed the connection? If so, any guesses why? If this is no help, any other reasons why SSH is not working properly? Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster