Date: Tue, 13 Feb 2007 14:31:54 +0100 From: Olaf Greve <o.greve@axis.nl> To: freebsd-questions@freebsd.org Subject: Re: [SOLVED] Help please: how to enable SSH password authentication under FreeBSD 6.2? Solved - but not in an expected way Message-ID: <45D1BDCA.8050709@axis.nl> In-Reply-To: <8930024.post@talk.nabble.com> References: <45D07D5A.2040307@axis.nl> <8930024.post@talk.nabble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi all, To cut to the chase, I 'solved' the issue, or rather, the mystery around it at least, but the 'solution' was not quite as expected. I tried both suggestions given. Firstly: > It rather looks like putty is checking the server key with the older one > (you mentioned you reinstalled the box). Well... Yes and no. Yes: the box was 'reinstalled', but completely cleanly, with a newer FreeBSD version (i.e. 6.2 vs. 5.3), and using a completely different IP address. Given those parameters, it's better to call it a clean install. :P Also, PuTTY never got to the stage where it infomrmed me that a new host was found and if I wanted to store the fingerprint. Instead, it directly bailed out with a message like 'Host key not found' (or something like that). > try to delete the know_host entry in the register database (look for the > entry start->run->regedit then look for the "SshHostKeys" entry and delete > the old key). > > This should fix your pb ;) I did so anyway and it didn't seem to make a difference. I kept getting the same error. Then I tried the other suggestion: ># Change to no to disable PAM authentication >ChallengeResponseAuthentication no I did that (trying setting it to 'yes' as well as 'no') and this too, did not seem to make a difference. Nowwww, normally PuTTY gives me the 'host key' error some 3 times or so before properly finding any host, so I'm used to that. On the new box, I tried it easily 15 times in a row before posing the question yesterday. Today I gave it a longer pounding, and lo and behold: all of a sudden after some 30 attempts it worked! Then, I tried switching the ChallengeResponseAuthentication to the opposite value it was set at, gave it again a pouding of around 20 attempts, and again 1 succeeded. I tried reproducing my 'luck', but some 40 further attempts all yielded no score. It then dawned on me that it might be simply PuTTY that is causing the errors, and indeed, I tried Tunnelier and it works a charm (with and without PAM), and during all atempts I made, it directly logged in without any issues. Conclusion (or assumption, if you will): there seem to be some major incompatibility issues between PuTTY and FreeBSD 6.2's bundled SSH version. Of course it is easy enough to use a different client at home, it's just that when abroad and wanting to check the machine, it is handy to quickly download PuTTY.exe and have a quick check without having to install a complete program... Oh well, at least it works now, and I know the box was (and still is) configured correctly, and I have found a good work-around (i.e. using a better SSH client than PuTTY). Cheers, and thanks for baring with me, Olafo
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45D1BDCA.8050709>