From owner-freebsd-questions@FreeBSD.ORG Thu Feb 12 19:18:26 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1313016A4CF for ; Thu, 12 Feb 2004 19:18:26 -0800 (PST) Received: from dragoncrest.jasnetworks.net (dragoncrest.jasnetworks.net [69.51.151.143]) by mx1.FreeBSD.org (Postfix) with ESMTP id C101B43D1F for ; Thu, 12 Feb 2004 19:18:25 -0800 (PST) (envelope-from dragoncrest@voyager.net) Received: from works.voyager.net (testbox [192.168.0.4]) i1CMMmke000713; Thu, 12 Feb 2004 22:22:48 GMT (envelope-from dragoncrest@voyager.net) Message-Id: <5.2.0.9.2.20040212222637.00a2c9c0@pop.voyager.net> X-Sender: dragoncrest@pop.voyager.net X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Thu, 12 Feb 2004 22:29:01 -0500 To: Clint Gilders , freebsd-questions@freebsd.org From: Dragoncrest In-Reply-To: <402BDE2D.2050706@onlinehobbyist.com> References: <20040212200417.GF17922@nkinkade> <200402121949.i1CJnI5q083815@mail5.mx.voyager.net> <20040212200417.GF17922@nkinkade> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Subject: Re: Problem with ssh X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Feb 2004 03:18:26 -0000 At 03:12 PM 2/12/04 -0500, Clint Gilders wrote: >Nathan Kinkade wrote: > > Uncomment the following line /etc/ssh/sshd_config and HUP sshd: >>#PasswordAuthentication yes > >You also want to set that to 'no' > >PasswordAuthentication no Well, that's the kicker. I've got that already in my sshd_config file and I've restarted SSHD and still no go. Here's my current config file. The weird part is this used to work. ######################################################## # This is ssh server systemwide configuration file. See sshd(8) # for more information Port 22 Protocol 2 HostDsaKey /etc/ssh/ssh_host_dsa_key ServerKeyBits 768 LoginGraceTime 120 KeyRegenerationInterval 3600 PermitRootLogin no # After 3 unauthenticated connections, refuse 50% of the new ones, and # refuse any more than 10 total. MaxStartups 3:50:10 # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes PrintLastLog yes KeepAlive yes # Logging SyslogFacility AUTH LogLevel VERBOSE #obsoletes QuietMode and FascistLogging RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no # Uncomment to disable s/key passwords ChallengeResponseAuthentication no # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes CheckMail yes #UseLogin no Banner /etc/issue.net #ReverseMappingCheck yes Subsystem sftp /usr/libexec/sftp-server AllowUsers dragoncrest