From owner-freebsd-stable  Mon Sep  3 22: 0:28 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from smtp-2.ig.com.br (smtp-2.ig.com.br [200.226.132.151])
	by hub.freebsd.org (Postfix) with SMTP id B749F37B406
	for <stable@freebsd.org>; Mon,  3 Sep 2001 22:00:23 -0700 (PDT)
Received: (qmail 4540 invoked from network); 4 Sep 2001 03:54:13 -0000
Received: from adsl-fnsbnu-123-a.brt.telesc.net.br (HELO conrado) (@200.193.25.123)
  by smtp-2.ig.com.br with SMTP; 4 Sep 2001 03:54:13 -0000
From: "Conrado Vardanega" <cvspam@ig.com.br>
To: <stable@freebsd.org>
Subject: Disallowed ssh part II
Date: Tue, 4 Sep 2001 00:56:27 -0300
Message-ID: <NDBBLGPICDCECKDGFCGFEEDCCKAA.cvspam@ig.com.br>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

For those that asked for verbose mode output and stuff, there is it.

Just to remember, IPs have reverse DNS set correctly (forward/reverse
matches), This problem, as follows, was reproduced locally (ssh'ing to its
own ip address), its not tcpwrapper, (its "ALL : ALL : allow" )

$ ssh -v -l cvarda www
SSH Version OpenSSH_2.3.0 FreeBSD localisations 20010713, protocol versions
1.5/2.0.
Compiled with SSL (0x0090601f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 1000 geteuid 1000 anon 1
debug: Connecting to rock.varda.lan [192.168.3.1] port 22.
debug: Connection established.
debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0
FreeBSD localisations 20010713
debug: match: OpenSSH_2.3.0 FreeBSD localisations 20010713 pat
^OpenSSH[-_]2\.3

debug: Local version string SSH-1.5-OpenSSH_2.3.0 FreeBSD localisations
20010713
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
The authenticity of host 'www' can't be established.
RSA key fingerprint is b3:77:f9:06:e8:d7:49:3e:00:8a:41:82:62:e9:50:fb.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'www' (RSA) to the list of known hosts.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying RSA authentication with key 'cvarda@rock.varda.lan'
debug: Received RSA challenge from server.
debug: Sending response to host key RSA challenge.
debug: Remote: RSA authentication accepted.
Received disconnect: Sorry, you are not allowed to connect.
debug: Calling cleanup 0x8058204(0x0)

Thanks all.



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message