From nobody Thu Nov 17 02:43:21 2022
X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4NCPNs5L5wz4hsN9
	for <freebsd-questions@mlmmj.nyi.freebsd.org>; Thu, 17 Nov 2022 02:43:25 +0000 (UTC)
	(envelope-from iio7@tutanota.com)
Received: from w1.tutanota.de (w1.tutanota.de [81.3.6.162])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "mail.tutanota.de", Issuer "Sectigo RSA Domain Validation Secure Server CA" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4NCPNr5Rclz3MBn
	for <freebsd-questions@freebsd.org>; Thu, 17 Nov 2022 02:43:24 +0000 (UTC)
	(envelope-from iio7@tutanota.com)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=tutanota.com header.s=s1 header.b=qm9xoHNO;
	spf=pass (mx1.freebsd.org: domain of iio7@tutanota.com designates 81.3.6.162 as permitted sender) smtp.mailfrom=iio7@tutanota.com;
	dmarc=pass (policy=quarantine) header.from=tutanota.com
Received: from tutadb.w10.tutanota.de (unknown [192.168.1.10])
	by w1.tutanota.de (Postfix) with ESMTP id 0ECEDFA0D48
	for <freebsd-questions@freebsd.org>; Thu, 17 Nov 2022 02:43:22 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1668653001;
	s=s1; d=tutanota.com;
	h=From:From:To:Subject:Subject:Content-Description:Content-ID:Content-Type:Content-Type:Content-Transfer-Encoding:Content-Transfer-Encoding:Cc:Cc:Date:Date:In-Reply-To:In-Reply-To:MIME-Version:MIME-Version:Message-ID:Message-ID:Reply-To:References:References:Sender;
	bh=tvW5hKzVfnGk5IslGs7c423yF8OLqTw2/UO2y6Z9YdI=;
	b=qm9xoHNOD3dZptrEjYR2y5QSO7iISaWauanbw/r8kyGuTZaq9q+F9r2lHbME1ViH
	1d2t0S+wCTOWEwqsgXbGZrx6ZtD0GftD3gxHS29Ak3fqiutgoOOWQ2zNuJUC1aB2eMt
	Qe5jdcIw/BSvQIyGQ/sTj3ZyjXqaDfDFVJCMk93VtCb0ZiP9Ln55pE2cwcfS1/3ICO1
	9O4X4AXWhvmNLhmOHpxNqeL45ps2ieBUNgt6FwMASpE0+SCZW1mB6f89jYiRLUANGQR
	fpyKFmLsd9MeTCBEuUjHbBH95DWmXkKcLTn4NCoZII3wANr4r3MtZWfiLGV+LvOlPbn
	zF+rQxXvXQ==
Date: Thu, 17 Nov 2022 03:43:21 +0100 (CET)
From: iio7@tutanota.com
Cc: freebsd-questions@freebsd.org
Message-ID: <NH2SeYy--3-9@tutanota.com>
In-Reply-To: <wu7r0y2e2wd.fsf@banyan.cs.ait.ac.th>
References: <NGyIwfq--3-9@tutanota.com> <wu7zgcrehqb.fsf@banyan.cs.ait.ac.th> <NGyNHA3--3-9@tutanota.com> <wu7v8nfegx6.fsf@banyan.cs.ait.ac.th> <NH1ZjKw--B-9@tutanota.com> <wu7r0y2e2wd.fsf@banyan.cs.ait.ac.th>
Subject: Re: Cannot SFTP into FreeBSD boxes with Midnight Commander
List-Id: User questions <freebsd-questions.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-questions
List-Help: <mailto:questions+help@freebsd.org>
List-Post: <mailto:questions@freebsd.org>
List-Subscribe: <mailto:questions+subscribe@freebsd.org>
List-Unsubscribe: <mailto:questions+unsubscribe@freebsd.org>
Sender: owner-freebsd-questions@freebsd.org
X-BeenThere: freebsd-questions@freebsd.org
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Spamd-Result: default: False [-2.00 / 15.00];
	MISSING_TO(2.00)[];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-1.00)[-1.000];
	DMARC_POLICY_ALLOW(-0.50)[tutanota.com,quarantine];
	R_SPF_ALLOW(-0.20)[+ip4:81.3.6.160/28];
	R_DKIM_ALLOW(-0.20)[tutanota.com:s=s1];
	MIME_GOOD(-0.10)[text/plain];
	FROM_EQ_ENVFROM(0.00)[];
	RCVD_TLS_LAST(0.00)[];
	MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org];
	MIME_TRACE(0.00)[0:+];
	ASN(0.00)[asn:24679, ipnet:81.3.0.0/18, country:DE];
	ARC_NA(0.00)[];
	DKIM_TRACE(0.00)[tutanota.com:+];
	RCVD_COUNT_TWO(0.00)[2];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	FROM_NO_DN(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
	RCPT_COUNT_ONE(0.00)[1];
	TO_DN_NONE(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[]
X-Rspamd-Queue-Id: 4NCPNr5Rclz3MBn
X-Spamd-Bar: -
X-ThisMailContainsUnwantedMimeParts: N

Nov 17, 2022, 02:22 by Olivier.Nicole@cs.ait.ac.th:

> iio7@tutanota.com writes:
>
>> Apparently the default option for "PasswordAuthentication" is set to
>> "no" in sshd_config on FreeBSD, which is what is causing the error. On
>> OpenBSD and Linux it's default "yes".
>>
>
> I just checked on a machine I am currently installing and the
> "PasswordAuthentication No" is commented out by dedfault and I can SSH
> to that machine. It may depend on the level of security you choose when
> installing FreeBSD?
>
It's commented out because it's the default setting. When it's set to "no",
SFTP via Midnight Commander doesn't work. However, normal SSH and
SFTP via the console works fine. Setting it to the upstream default "yes",
then SFTP via Midnight Commander works.

The install script doesn't change the setting, it's default "no" is
documented in the man page as well.

The default SSH authentication mechanism is to ask for a username and a
password, which is what OpenSSH does when PasswordAuthentication is
said to "yes". When the option is changed to "no", using a password
doesn't work and you have to login by e.g. a key.

However, the FreeBSD version has the option "UsePAM", which is default
set to "yes". So this means that PAM is authenticating users.

I don't know why this doesn't work with Midnight Commander, but I guess
it has to do with exactly how Midnight Commander sends the command.

Perhaps someone else can clarify whether I should file this as a bug
to the MC maintainer?

Kind regards.