From owner-freebsd-security Tue Aug 13 6:29:19 2002 Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 38B0737B400 for ; Tue, 13 Aug 2002 06:29:16 -0700 (PDT) Received: from spitfire.velocet.net (spitfire.velocet.net [216.138.223.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF3CC43E4A for ; Tue, 13 Aug 2002 06:29:15 -0700 (PDT) (envelope-from steve@nomad.tor.lets.net) Received: from nomad.tor.lets.net (H74.C220.tor.velocet.net [216.138.220.74]) by spitfire.velocet.net (Postfix) with SMTP id CA2C4FB45CA for ; Tue, 13 Aug 2002 13:29:13 +0000 (GMT) Received: (qmail 6636 invoked by uid 1001); 13 Aug 2002 13:24:33 -0000 Date: Tue, 13 Aug 2002 09:24:33 -0400 From: Steve Shorter To: Radoy Pavlov Cc: security@FreeBSD.ORG Subject: Re: openssh 3.4p1 issue ? Message-ID: <20020813092433.A6613@nomad.lets.net> References: <200208131204.g7DC4TDS060093@mail.euroscript-ls.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200208131204.g7DC4TDS060093@mail.euroscript-ls.de>; from pavlov@euroscript-ls.de on Tue, Aug 13, 2002 at 02:03:06PM +0200 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Aug 13, 2002 at 02:03:06PM +0200, Radoy Pavlov wrote: > Hello, > > i'm expiriencing something interesting here. > > PC1: OpenSSH_2.9 FreeBSD localisations 20010713, SSH protocols > 1.5/2.0, OpenSSL 0x0090601f > > PC2: OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090605f > > PC1: ssh -v PC2 > > debug1: authentications that can continue: > publickey,password,keyboard-interactive > debug1: next auth method to try is publickey > debug1: try privkey: /root/.ssh/id_rsa > debug1: try privkey: /root/.ssh/id_dsa > debug1: next auth method to try is password > PC2's password: > > everything is just fine. > > PC2: ssh -v PC1 > > debug1: authentications that can continue: > publickey,password,keyboard-interactive > debug1: next auth method to try is publickey > debug1: try privkey: /root/.ssh/identity > debug1: try privkey: /root/.ssh/id_rsa > debug1: try pubkey: /root/.ssh/id_dsa > debug1: authentications that can continue: > publickey,password,keyboard-interactive > debug1: next auth method to try is keyboard-interactive > > keyboard-interactive infront of password auth ? > > Both PC use same sshd_config and ssh_config. > > Ideas ? You need to specifically configure the auth method you wish to use in ssh_config for ssh 3.4. or it defaults to something that you are not expecting. How to do this is documented in the man page man (1) ssh. Some things have changed in 3.4 -steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message