From owner-freebsd-security Mon Nov 6 14:18:15 2000 Delivered-To: freebsd-security@freebsd.org Received: from gandalf.innoverity.com (unknown [141.154.27.35]) by hub.freebsd.org (Postfix) with ESMTP id CFD9A37B4CF for ; Mon, 6 Nov 2000 14:18:10 -0800 (PST) Received: from innoverity.com (nickb@localhost.innoverity.com [127.0.0.1]) by gandalf.innoverity.com (8.9.3/8.9.3) with ESMTP id RAA53770 for ; Mon, 6 Nov 2000 17:18:47 -0500 (EST) (envelope-from nicholas@innoverity.com) Message-ID: <3A072E46.201ACD0E@innoverity.com> Date: Mon, 06 Nov 2000 17:18:46 -0500 From: nicholas bernstein X-Mailer: Mozilla 4.73 [en] (X11; I; Linux 2.2.12 i386) X-Accept-Language: en MIME-Version: 1.0 To: freebsd-security@freebsd.org Subject: OPEN SSH Weirdness Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org OK- I hope someone can help with this, 'cause I have no IDEA. :) ------------------ PLATFORMS: Client(s): Mac OS8.6 using niftyterm 1.1 ssh r3 Linux using ssh 1.2.29 Server: FBSD 4.1 Stable using open ssh. ------------------ Error: nickb@thorin:~ > ssh 141.154.27.35 Bad remote protocol version identification: 'You are not welcome to use sshd from thorin.innoverity.com. ------------------ sshd_config: # This is ssh server systemwide configuration file. # # $FreeBSD: src/crypto/openssh/sshd_config,v 1.4.2.1 2000/06/09 07:10:22 kris Ex p $ Port 22 Protocol 2,1 #ListenAddress 0.0.0.0 #ListenAddress :: HostKey /etc/ssh/ssh_host_key HostDsaKey /etc/ssh/ssh_host_dsa_key ServerKeyBits 768 LoginGraceTime 60 KeyRegenerationInterval 3600 PermitRootLogin yes #AllowUsers * # Rate-limit sshd connections to 5 connections per 10 seconds ConnectionsPerPeriod 5/10 # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes KeepAlive yes # Logging SyslogFacility AUTH LogLevel INFO #obsoletes QuietMode and FascistLogging RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # Uncomment to disable s/key passwords #SkeyAuthentication no # To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes CheckMail yes #UseLogin no ------------------- sshd errors: gandalf# sshd error: Could not load DSA host key: /etc/ssh/ssh_host_dsa_key Disabling protocol version 2 -- Nicholas Bernstein, Technologist, Artist, Etc. nicholas@innoverity.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message