Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 12 Feb 2007 07:10:52 -0800
From:      Garrett Cooper <youshi10@u.washington.edu>
To:        freebsd-questions@freebsd.org
Subject:   Re: Help please: how to enable SSH password authentication under FreeBSD 6.2?
Message-ID:  <45D0837C.2070205@u.washington.edu>
In-Reply-To: <45D07D5A.2040307@axis.nl>
References:  <45D07D5A.2040307@axis.nl>

next in thread | previous in thread | raw e-mail | index | archive | help
Olaf Greve wrote:
> Hi guys,
> 
> (Firstly: I posted this message well over an hour ago, and it does not 
> seem to have come through, in case you recieve this twice, then I'm 
> sorry for that :P )
> 
> Sorry to ask such a trivial question, and I'm positive it must have been
> treated here before, but I just can't remember how to do it exactly, and
> perhaps someone can give me a quick answer and spare me hours of further
> RTFM-ing. :P
> 
> The issue:
> I'm (re-) installing my fall-back server, and selected FreeBSD 6.2 i386
> release (generic kernel, for now) for that. Now, I want to be able to
> access it using SSH (PuTTY, most often) from anywhere in the world, and
> hence would like to enable password authentication in SSH again.
> Therefore, I used the same /etc/ssh/sshd_config (as listed down below,
> with dummy names abc, def, and ghi in the AllowUsers line) as on my live
> server, where this works fine. However, when I try accessing it using
> PuTTY, PuTTY keeps failing mentioning something like 'host key check
> failed'. In the debug.log file on the fallback machine, I learnt that
> PuTTY only tries the SSH2 protocol, and doesn't fall back to SSH1 when
> it notices that that fails. On the live server (FreeBSD 5.4-release
> AMD64, custom kernel), this works a charm, and on that machine the
> debug.log file does mention PuTTY (yes, the very same as used for trying
> to connect to the fallback machine) that PuTTY falls back to SSH1 and
> uses PAM for authentication...
> 
> The question:
> I recall having had this issue before, and I *think* the resolution was
> to enable PAM authentication or so outside of /etc/ssh/sshd_config. I
> thought to recall that I either did this in rc.conf (or the defaults for
> that), or in the custom kernel configuration. However, I couldn't find
> any hints to that anymore on the live box...:(
> Does anyone know how to get this going properly, and what it is that I'm
> overlooking?
> 
> Tnx in advance and cheers!
> Olafo
> 
> PS: the used /etc/ssh/sshd_config file's contents follows here:

<snip>

Just looking at your config everything appears to be fine. If you don't 
have PAM enabled or don't want it enabled though you should uncomment 
this line in your config:

# Change to no to disable PAM authentication
ChallengeResponseAuthentication no

1) Did you restart your daemon?
2) Are you using the ssh available in the base system or ports?

Cheers,
-Garrett



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D0837C.2070205>