Hostbased Authentication Question
From: Jason P Holland (jholland@cs.selu.edu)
Date: 02/27/03
- Previous message: Clary, Steve: "Key Exchange Failed (error message)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Feb 2003 15:56:26 -0600 (CST) From: Jason P Holland <jholland@cs.selu.edu> To: secureshell@securityfocus.com
Hi,
I am still working on getting hostbased authentication working in
OpenSSH 3.5p1. It seems so simple, yet I have continued to have problems
getting it working properly. I've read posts about it on this list, and
the openssh-unix-dev list, and nothing I have tried seems to work. My
question is this, does it matter which key, either ssh_host_key.pub or
ssh_host_rsa_key.pub or ssh_host_dsa_key.pub, you put in
/etc/ssh/ssh_known_hosts??? I have tried all three, and continue to get
this error from sshd -d -d -d
debug1: userauth_hostbased: cuser root chost mckinley. pkalg ssh-dss slen
55
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
debug3: monitor_read: checking request 20
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x80a4e88
debug2: userauth_hostbased: chost mckinley. resolvedname mckinley ipaddr
192.168.10.1
debug2: stripping trailing dot from chost mckinley.
debug2: auth_rhosts2: clientuser root hostname mckinley ipaddr
192.168.10.1
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: restore_uid: 0/0
debug1: temporarily_use_uid: 0/0 (e=0/0)
debug1: restore_uid: 0/0
debug3: mm_answer_keyallowed: key 0x80a4e88 is disallowed
debug3: mm_request_send entering: type 21
debug3: mm_request_receive entering
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug2: userauth_hostbased: authenticated 0
notice the "key 0x80a4e88 is disallowed" line. If I have all my host keys
in /etc/ssh/ssh_known_hosts on the server I'm trying to connect to, it
should allow me in. Right? I've tried all 3 at the same time, then
seperately, and nothing. I've also tried generating new keys, that didn't
work either.
Yes I have HostbasedAuthentication set to yes in /etc/ssh/sshd_config on
the server i'm connecting to.
I do have HostbasedAuthentication set to yes in /etc/ssh/ssh_config on the
client i'm coming from.
I also have an /etc/ssh/shosts.equiv file on the server.
My DSN is setup correctly on both systems, there are no problems doing a
reverse looking on either box. I am using fully qualified hostnames, but
I removed them from the debug output for security reasons.
I have double checked my keys in /etc/ssh/ssh_known_hosts, they are not
mangled.
Is there anyone on this planet that actually has sshv2 hostbased
authentication working in openssh 3.5? I see numerous posts about it, and
I cannot seem to get it working.
Perhaps this should be in the FAQ?
Can anyone help? thanks
Jason
- Next message: Cl. Yuri Huitron Alvarado: "Can't transfer files via scp because it returns : "File transfer server could not be started or it exited unexpectedly""
- Previous message: Clary, Steve: "Key Exchange Failed (error message)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
