From: "qxu"
Sender: owner-freebsd-questions@FreeBSD.ORG
Subject: SSh configuration
Date: Wed, 5 Sep 2001 10:40:11 -0500
Message-ID: <002501c13621$0c9756f0$3fcd0781@ee.uh.edu>

I have installed FreeBSD 4.1.1 on two boxes. The ssh is automatically installed, since I chose all ports.
But the ssh will not work. The network is fine. I can ping each other.
Also I put sshd_enable="YES" in the rc.conf. But I cannot even ssh localhost.

There are also two old FreeBSD boxes (also 4.1.1) left by other people; I can ssh them from the new boxes.
But I cannot ssh the new box from the old box.

I cannot find where the configuration is different from the old boxes.

old boxes ---------squid1.my.com , squid2.my.com
new boxes -------squid3.my.com , squid4.my.com

Using ps, I can see sshd is there.
Here is the output of ssh -v from old and new boxes

On the new boxes

ssh -v localhost

SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to localhost.my.domain [127.0.0.1] port 22.
debug: Allocated local port 1006.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH-2.1
debug: Local version string SSH-1.5-OpenSSH-2.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Forcing accepting of host key for loopback/localhost.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying Kerberos V5 authentication.

ssh -v squid1.my.com -----------the old freebsd box

SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1005.
debug: connect: Permission denied
debug: Trying again...
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1004.
debug: connect: Permission denied
debug: Trying again...
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1003.
debug: connect: Permission denied

On the old boxes

ssh -v squid1.my.com
SSH Version OpenSSH-2.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to squid1.my.com [10.12.0.1] port 22.
debug: Allocated local port 1023.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH-2.1
debug: Local version string SSH-1.5-OpenSSH-2.1
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'squid1.my.com' is known and matches the RSA host key.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying RSA authentication with key 'root@squid2.my.com'
debug: Server refused our key.
debug: Doing password authentication.
debug: Requesting pty.
debug: Requesting shell.
debug: Entering interactive session.
Last login: Wed Sep  5 10:14:36 2001

Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
 The Regents of the University of California.  All rights reserved.
FreeBSD 4.1.1-RELEASE (MYKERNEL) #0: Tue Jun 19 15:36:57 CDT 2001

Welcome to FreeBSD!

Before seeking technical support, please use the following resources:

o  Security advisories and updated errata information for all releases are
   at http://www.FreeBSD.org/releases/ - always consult the ERRATA section
   for your release first as it's updated frequently.

o  The Handbook and FAQ documents are at http://www.freebsd.org/ and,
   along with the mailing lists, can be searched by going to
   http://www.FreeBSD.org/search.html.  If the doc distribution has
   been installed, they're also available formatted in /usr/share/doc.

If you still have a question or problem, please take the output of
`uname -a',  along with any relevant error messages, and email it
as a question to the questions@FreeBSD.org mailing list.  If you are
unfamiliar with FreeBSD's directory layout, please refer to the hier(7)
man page. If you are not familiar with man pages, type "man man".
You may also use `/stand/sysinstall' to re-enter the installation and
configuration utility.  Edit /etc/motd to change this login announcement.

You have new mail.
squid1#

By the way, when I use ssh -v hostname > outputfile, the system is frozen and cannot respond until I shut down the host it connected to. Is there any way to deal with this?

Finally, after I run ssh -v, the network is in trouble when I ping between the old boxes and the new box. Permission is denied when I ping from the new to old;
if I ping from the old to new, there is no response at all.

Thank you.

Xu,Qiang