From owner-freebsd-questions@FreeBSD.ORG Tue Feb 13 16:19:29 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C029416A46C for ; Tue, 13 Feb 2007 16:19:29 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from smtp-out4.blueyonder.co.uk (smtp-out4.blueyonder.co.uk [195.188.213.7]) by mx1.freebsd.org (Postfix) with ESMTP id 8A89713C4BA for ; Tue, 13 Feb 2007 16:19:29 +0000 (UTC) (envelope-from xfb52@dial.pipex.com) Received: from [172.23.170.139] (helo=anti-virus01-10) by smtp-out4.blueyonder.co.uk with smtp (Exim 4.52) id 1HH0NM-0004FF-Jc; Tue, 13 Feb 2007 16:19:28 +0000 Received: from [62.31.10.181] (helo=[192.168.0.2]) by asmtp-out2.blueyonder.co.uk with esmtp (Exim 4.52) id 1HH0NJ-0003gQ-2r; Tue, 13 Feb 2007 16:19:25 +0000 Message-ID: <45D1E50C.5000409@dial.pipex.com> Date: Tue, 13 Feb 2007 16:19:24 +0000 From: Alex Zbyslaw User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-GB; rv:1.7.13) Gecko/20061205 X-Accept-Language: en MIME-Version: 1.0 To: Olaf Greve References: <45D07D5A.2040307@axis.nl> <8930024.post@talk.nabble.com> <45D1BDCA.8050709@axis.nl> <20070213090410.c1aa29bc.wmoran@collaborativefusion.com> <45D1DBA8.5040400@axis.nl> In-Reply-To: <45D1DBA8.5040400@axis.nl> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-questions@freebsd.org Subject: Re: [SOLVED] Help please: how to enable SSH password authentication under FreeBSD 6.2? Solved - but not in an expected way X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 13 Feb 2007 16:19:29 -0000 Olaf Greve wrote: > > The issue is that PuTTY does not fall back from its SSH2 attempt to > SSH1 (with password authentication), as is what I specified in my > /etc/ssh/sshd_config > > Is this what you tried too, or did you use SSH2 (i.e. key > authentication, instead of password authentication)? Unless I misunderstand, then you have a serious misapprehension. SSH1 versus SSH2 is *nothing* to do with keys versus passwords. Both SSH1 and SSH2 support password or key based authentication. The difference is that SSH1 an older protocol and is *insecure* and no-one should still be using it unless they have some legacy app which really cannot be updated. I strongly suggest that at the very least you enable SSH2 as the first protocol in sshd_config with a line like Protocol 2,1 though from what I can see, SSH2 only has been the default for a while, and rightly so. --Alex