Date: Tue, 13 Feb 2007 11:56:41 -0500 From: Bill Moran <wmoran@collaborativefusion.com> To: Olaf Greve <o.greve@axis.nl> Cc: freebsd-questions@freebsd.org Subject: Re: [SOLVED] Help please: how to enable SSH password authentication under FreeBSD 6.2? Solved - but not in an expected way Message-ID: <20070213115641.48516b37.wmoran@collaborativefusion.com> In-Reply-To: <45D1DBA8.5040400@axis.nl> References: <45D07D5A.2040307@axis.nl> <8930024.post@talk.nabble.com> <45D1BDCA.8050709@axis.nl> <20070213090410.c1aa29bc.wmoran@collaborativefusion.com> <45D1DBA8.5040400@axis.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
In response to Olaf Greve <o.greve@axis.nl>: > Hi Bill, > > > I'm not seeing this. I tried this with PuTTY 0.58 on a fresh FreeBSD 6.2p1 > > system and had no problems. So I grabbed the latest PuTTY 0.59, and that > > worked fine as well. > > [...] > > > I haven't been following this thread, so I don't have any ideas on what > > your problem might be, but it's certainly not FreeBSD or puTTY's fault > > or I'd be seeing the same problem. [snip] > Is this what you tried too, or did you use SSH2 (i.e. key > authentication, instead of password authentication)? The issue of ssh1 vs. ssh2 appears to already be clarified, so I won't go into it again. In my test scenario, I'm using password authentication. As I said, I haven't really set anything else up yet, so the server has no authorized keys or anything like that. > In my case, SSHD is running in debug mode and the debug log clearly > indicates that PuTTY only tries SSH2 and does not fall back to SSH1, > whereas on my live box (FreeBSD 5.4 release AMD64, custom kernel), PuTTY > does fall back to SSH1. It shouldn't. That's odd, as there's no reason to use SSH1 with FreeBSD 5.4 -- SSH2 worked just fine in 5.X. I'd investigate your puTTY installation/ config, as it sounds to be corrupt. I just remembered a problem a cohort had that sounds similar to this. It was solved by deleting his puTTY config and starting over. It seems that puTTY can somtimes corrupt its own config, at which point its behaviour becomes very unpredictable. Never got around to investigating that in any more detail, unfortunately. > The 'lines' to the new server are about as short as they can be, as I'm > currently setting the machine up over our local network, so the only > thing in between the client and server is our router, which does not > mess with the SSH traffic... That's good. My concern was that this kind of experimenting can lock you out of a machine, and I wanted you to be careful if you don't have ready physical access to it. Read the docs on sshd's -d option and you'll understand. > In short: I see no reason why the PuTTY / FreeBSD 6.2 SSH combination > would _not_ be at fault (especially as other SSH clients do work fine on > this box, and as PuTTY also works when connecting to other boxes). :P > Contrary to what I was thinking yesterday, I don't think my > configuration is at fault... Agreed. My only point is that default installs of both of these work fine. Which seems to indicate that there's something different/odd/wrong with _your_ setup. First law of debugging: if you can't reproduce the problem, that means it's isolated to the person/machine that can cause it. Have you tried connecting to a different server with the puTTY in question? Have you tried connecting to that sshd with a different puTTY installation? > In case in such a situation the password authentication does work fine > for you, I'd be curious to find out the reason why it doesn't work for > me (perhaps you could then also post me your sshd_config settings). You missed the part of my message where I pointed out that this is a stock install. The sshd_config is identical to the one you would get if you did a fresh install of FreeBSD. > As mentioned, there is an easy work around by using a different SSH > client, but PuTTY is handy for quick d/l-ing when abroad, and not having > administrator's rights to the machine you're on at that time. I agree. My point is that it _does_ work, and there is something amiss with _your_ setup. The conclusion being that if you can find what's amiss, yours will work as well. -- Bill Moran Collaborative Fusion Inc.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070213115641.48516b37.wmoran>