From owner-freebsd-questions Mon Mar 17 9:29:40 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F2A9137B401 for ; Mon, 17 Mar 2003 09:29:37 -0800 (PST) Received: from gatekeeper.microcell.ca (gatekeeper.microcell.ca [205.151.8.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3AF6D43FB1 for ; Mon, 17 Mar 2003 09:29:36 -0800 (PST) (envelope-from SoHo@admin.fido.ca) Received: from mailserv.microcell.ca (mailserv.microcell.ca [10.2.0.87]) by gatekeeper.microcell.ca (Postfix) with ESMTP id D63AE16C27; Mon, 17 Mar 2003 12:29:30 -0500 (EST) Received: from 127.0.0.1 (localhost [127.0.0.1]) by mailserv.microcell.ca (Postfix) with SMTP id 712EA16BC7; Mon, 17 Mar 2003 12:29:30 -0500 (EST) Received: from lenard.admin.fido.ca (lamus.fido.ca [10.0.1.45]) by mailserv.microcell.ca (Postfix) with ESMTP id 5331716BCA; Mon, 17 Mar 2003 12:29:29 -0500 (EST) Received: from magni.microcell.ca (magni.microcell.ca [10.6.22.102]) by lenard.admin.fido.ca (SMTP_Gateway) with ESMTP id 0F87A47D3C; Mon, 17 Mar 2003 12:29:29 -0500 (EST) Received: from magni.microcell.ca (localhost [127.0.0.1]) by magni.microcell.ca (8.12.6/8.12.7) with SMTP id h2HHS6fa060790; Mon, 17 Mar 2003 12:28:06 -0500 (EST) (envelope-from SoHo@admin.fido.ca) Date: Mon, 17 Mar 2003 12:28:06 -0500 From: Edmond Baroud To: "John Straiton" Cc: freebsd-questions@FreeBSD.ORG Subject: Re: SSH woes Message-Id: <20030317122806.7f7fe9df.SoHo@admin.fido.ca> In-Reply-To: <001d01c2eca2$e82410d0$1916c60a@win2k.clickcom.com> References: <001d01c2eca2$e82410d0$1916c60a@win2k.clickcom.com> X-Mailer: Sylpheed version 0.8.10 (GTK+ 1.2.10; i386-portbld-freebsd4.7) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Sanitizer: This message has been sanitized! X-Sanitizer-Rev: $Id: Sanitizer.pm,v 1.64 2002/10/22 16:37:04 bre Exp $ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG do you have /root/.ssh/config ? you have skipped this part when pasting your verbose connection with root, I'm just curious. maybe when you're connecting with root, its reading its options from $HOME/.ssh/options + u're specifying -l testuser and from testuser's shell it's reading /etc/ssh/config if u dont, could u paste your "env" output for us here? my 2c. Ed. On Mon, 17 Mar 2003 11:33:09 -0500 "John Straiton" wrote: > I continue to have problems with SSH authentication. The behavior is > outside the normal I'm used to. Here's what's going on: > > I'm trying to ssh from MACHINE1 to MACHINE2 as user "testuser". > > Now here's the funny thing: > > su > Password: > MACHINE1# ssh 209.198.xxx.xxx -l testuser > Password: > Last login: Mon Mar 17 11:17:05 2003 from chasm > Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 > The Regents of the University of California. All rights > reserved. > > > > Now on the same machine: > >exit > #su testuser > %ssh 209.198.xxx.xxx > Permission denied, please try again. > Permission denied, please try again. > Permission denied (publickey,password,keyboard-interactive). > % > > Why in the world would the login prompted for a password when I'm as > root specifying a login, and then I wouldn't even be prompted for a > password when I'm su'ed as the user? > > I thought at first maybe it was because this account *used to* > auto-login, however if you look at the remote machine's > /home/testuser/.ssh directory, it's empty (ie , no authorized_keys). On > the client machine, it's only got "known_hosts" in there. > > Thoughts? I'm attaching the verbose debug for the client side as the > user & as root > > John Straiton > jks@clickcom.com > Clickcom, Inc > 704-365-9970x101 > > -- Edmond Baroud UNIX Systems Admin mailto:SoHo@admin.fido.ca Fingerprint 140F 5FD5 3FDD 45D9 226D 9602 8C3D EAFB 4E19 BEF9 "UNIX is very user friendly, it's just picky about who its friends are." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message