Date:      Wed, 5 Sep 2001 10:40:11 -0500
From:      "qxu" <qxu2@Bayou.UH.EDU>
To:        <freebsd-questions@FreeBSD.ORG>
Subject:   SSh configuration
Message-ID:  <002501c13621$0c9756f0$3fcd0781@ee.uh.edu>

I have installed FreeBSD 4.1.1 on two boxes. ssh was installed automatically, since I chose all ports.
But ssh will not work. The network is fine; the boxes can ping each other.
I also put sshd_enable="YES" in rc.conf, but I cannot even ssh to localhost.

There are also two old FreeBSD boxes (also 4.1.1) left by other people. I can ssh to them from the new boxes.
But I cannot ssh to the new box from the old box.

I cannot find where the configuration differs from the old boxes.


old boxes: squid1.my.com, squid2.my.com
new boxes: squid3.my.com, squid4.my.com


Using ps, I can see sshd is there.
Here is the output of ssh -v from the old and new boxes.


On the new boxes

ssh -v localhost

SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to localhost.my.domain [127.0.0.1] port 22.
debug: Allocated local port 1006.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH-2.1
debug: Local version string SSH-1.5-OpenSSH-2.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Forcing accepting of host key for loopback/localhost.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying Kerberos V5 authentication.

ssh -v squid1.my.com -----------the old freebsd box

SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1005.
debug: connect: Permission denied
debug: Trying again...
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1004.
debug: connect: Permission denied
debug: Trying again...
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1003.
debug: connect: Permission denied


On the old boxes

ssh -v squid1.my.com
SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1023.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH-2.1
debug: Local version string SSH-1.5-OpenSSH-2.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'squid1.my.com' is known and matches the RSA host key.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying RSA authentication with key 'root@squid2.my.com'
debug: Server refused our key.
debug: Doing password authentication.
debug: Requesting pty.
debug: Requesting shell.
debug: Entering interactive session.
Last login: Wed Sep  5 10:14:36 2001

Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
 The Regents of the University of California.  All rights reserved.
FreeBSD 4.1.1-RELEASE (MYKERNEL) #0: Tue Jun 19 15:36:57 CDT 2001

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o  Security advisories and updated errata information for all releases are
   at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
   for your release first as it's updated frequently.

o  The Handbook and FAQ documents are at http://www.freebsd.org/ and,
   along with the mailing lists, can be searched by going to
   http://www.FreeBSD.org/search.html.  If the doc distribution has
   been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a',  along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list.  If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
man page. If you are not familiar with man pages, type "man man".
You may also use `/stand/sysinstall' to re-enter the installation and
configuration utility.  Edit /etc/motd to change this login announcement.

You have new mail.
squid1#



By the way, when I use ssh -v hostname > outputfile, the system is frozen and cannot respond until I shut down the host it is connected to. Is there any way to deal with this?

Finally, after I run ssh -v, the network is in trouble when I ping between the old boxes and the new box. Permission is denied when I ping from the new to the old;
if I ping from the old to the new, there is no response at all.


Thank you.

Xu,Qiang





