Date:      Wed, 14 Feb 2001 11:01:40 -0200 (EDT)
From:      Paulo Fragoso <paulo@nlink.com.br>
To:        freebsd-security@freebsd.org
Subject:   SSH2 host auth
Message-ID:  <Pine.BSF.4.10.10102141052340.17209-100000@mirage.nlink.com.br>

Hi,

We were using the ssh1 protocol with host based authentication. We've
upgraded all sshd to use the ssh2 protocol (SSH-2.0-OpenSSH_2.2.0) but we
can't establish host based authentication.
  
On server side we have created some files:
  
/etc/ssh/ssh_known_hosts2       we have put public key from client
                                using same format found in
                                ~/.ssh/known_hosts2
  
/etc/ssh/shosts.equiv
/etc/shosts.equiv
/etc/hosts.equiv                we have put the hostname for client

On the client machine we are trying to connect without a password, but it
always asks for it.
  
We're new to the SSH 2 protocol and we can't find a HOW TO for
configuring host based authentication. We have already read the man pages
for sshd and we can't find any solution for this problem (guess).

Can anyone help us?

We can't find any information (guess) in the sshd debug output:
  
debug: sshd version OpenSSH_2.2.0
debug: read DSA private key done
debug: Bind to port 22 on ::.
Server listening on :: port 22.
debug: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
debug: Server will not fork when running in debugging mode.
Connection from mirage.nlink.com.br port 3207
Connection from CCC.CCC.CCC.CCC port 3207
debug: Client protocol version 2.0; client software version OpenSSH_2.2.0
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-2.0-OpenSSH_2.2.0
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160@openssh.com
debug: got kexinit: none
debug: got kexinit: none
debug: got kexinit: 
debug: got kexinit: 
debug: first kex follow: 0 
debug: reserved: 0 
debug: done
debug: kex: client->server 3des-cbc hmac-sha1 none
debug: kex: server->client 3des-cbc hmac-sha1 none
debug: Wait SSH2_MSG_KEXDH_INIT.
debug: bits set: 531/1024
debug: bits set: 519/1024
debug: sig size 20 20
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: userauth-request for user paulo service ssh-connection method none
Failed none for paulo from CCC.CCC.CCC.CCC port 3207 ssh2
Connection closed by CCC.CCC.CCC.CCC
debug: Calling cleanup 0x805b8ec(0x0)

Paulo Fragoso.

-- 
   __O
 _-\<,_     Why drive when you can bike?
(_)/ (_)
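
An added example, not part of the original message: a small Python parser run over lines excerpted from the sshd debug output above, reporting the negotiated algorithms and which authentication methods actually reached sshd. The function names `summarize` and `only_probe_seen` are hypothetical; on this trace the result is that key exchange completed and only the `none` request arrived before the client closed the connection.

```python
import re

# Lines excerpted from the sshd debug output quoted in the message above.
SAMPLE = """\
debug: Client protocol version 2.0; client software version OpenSSH_2.2.0
debug: kex: client->server 3des-cbc hmac-sha1 none
debug: kex: server->client 3des-cbc hmac-sha1 none
debug: done: KEX2.
debug: userauth-request for user paulo service ssh-connection method none
Failed none for paulo from CCC.CCC.CCC.CCC port 3207 ssh2
Connection closed by CCC.CCC.CCC.CCC
"""

KEX = re.compile(r"kex: (client->server|server->client) (\S+) (\S+) (\S+)")
REQUEST = re.compile(r"userauth-request for user (\S+) service (\S+) method (\S+)")
FAILED = re.compile(r"^Failed (\S+) for (\S+) from (\S+) port (\d+)")
CLOSED = re.compile(r"^Connection closed by (\S+)")


def summarize(log):
    """Collect negotiated algorithms and auth attempts for one connection."""
    out = {"kex": {}, "kex_done": False, "requested": [], "failed": [], "closed_by": None}
    for raw in log.splitlines():
        line = raw.strip()
        if m := KEX.search(line):
            direction, cipher, mac, comp = m.groups()
            out["kex"][direction] = {"cipher": cipher, "mac": mac, "compression": comp}
        elif "done: KEX2" in line:
            out["kex_done"] = True
        elif m := REQUEST.search(line):
            out["requested"].append((m.group(1), m.group(3)))  # (user, method)
        elif m := FAILED.search(line):
            out["failed"].append((m.group(2), m.group(1)))     # (user, method)
        elif m := CLOSED.search(line):
            out["closed_by"] = m.group(1)
    return out


def only_probe_seen(summary):
    """True when key exchange finished but 'none' was the only method requested."""
    methods = {method for _user, method in summary["requested"]}
    return summary["kex_done"] and methods == {"none"}


if __name__ == "__main__":
    s = summarize(SAMPLE)
    print("requested:", s["requested"], "failed:", s["failed"])
    print("only the 'none' probe reached sshd:", only_probe_seen(s))
```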



