Date: Wed, 5 Sep 2001 10:40:11 -0500
From: "qxu" <qxu2@Bayou.UH.EDU>
To: <freebsd-questions@FreeBSD.ORG>
Subject: SSh configuration
Message-ID: <002501c13621$0c9756f0$3fcd0781@ee.uh.edu>
I have installed FreeBSD 4.1.1 on two boxes. The ssh is automatically installed, since I chose all ports.
But the ssh will not work. The network is fine. I can ping each other.
Also I put sshd_enable="YES" in the rc.conf. But I cannot even ssh localhost.

There are also two old FreeBSD boxes (also 4.1.1) left by other people; I can ssh them from the new boxes.
But cannot ssh the new box from the old box.

I cannot find where the configuration is different from the old boxes.

old boxes ---------squid1.my.com , squid2.my.com
new boxes -------squid3.my.com , squid4.my.com

Using ps, I can see sshd is there.
Here is the output of ssh -v from old and new boxes

On the new boxes

ssh -v localhost

SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to localhost.my.domain [127.0.0.1] port 22.
debug: Allocated local port 1006.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH-2.1
debug: Local version string SSH-1.5-OpenSSH-2.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Forcing accepting of host key for loopback/localhost.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying Kerberos V5 authentication.

ssh -v squid1.my.com -----------the old freebsd box

SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1005.
debug: connect: Permission denied
debug: Trying again...
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1004.
debug: connect: Permission denied
debug: Trying again...
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1003.
debug: connect: Permission denied

On the old boxes

ssh -v squid1.my.com

SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1023.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH-2.1
debug: Local version string SSH-1.5-OpenSSH-2.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'squid1.my.com' is known and matches the RSA host key.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying RSA authentication with key 'root@squid2.my.com'
debug: Server refused our key.
debug: Doing password authentication.
debug: Requesting pty.
debug: Requesting shell.
debug: Entering interactive session.
Last login: Wed Sep 5 10:14:36 2001

Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
 The Regents of the University of California. All rights reserved.
FreeBSD 4.1.1-RELEASE (MYKERNEL) #0: Tue Jun 19 15:36:57 CDT 2001

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o Security advisories and updated errata information for all releases are
 at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
 for your release first as it's updated frequently.

o The Handbook and FAQ documents are at http://www.freebsd.org/ and,
 along with the mailing lists, can be searched by going to
 http://www.FreeBSD.org/search.html. If the doc distribution has
 been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a', along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list. If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
man page. If you are not familiar with man pages, type "man man".
You may also use `/stand/sysinstall' to re-enter the installation and
configuration utility. Edit /etc/motd to change this login announcement.

You have new mail.
squid1#

By the way, when I use ssh -v hostname > outputfile, the system is frozen and cannot respond until I shut down the host it connected to. Is there any way to deal with this?

Finally, after I run ssh -v, the network is in trouble when I ping between the old boxes and the new box. The permission is denied when I ping from the new to old; if I ping from the old to new, there is no response at all.

Thank you.

Xu,Qiang
