SSH v3.7.1p2 gotcha: illegal user

schulz_at_videotron.ca
Date: 01/26/04

  • Next message: Turner, Carl H [NTK]: "ssh_exchange_identification error when using sftp"
    Date: 26 Jan 2004 01:07:41 -0000
    To: secureshell@securityfocus.com
    
    
    ('binary' encoding is not supported, stored as-is)

    We use passwordless accounts with public_key authentication,
    mainly for cvs access.

    We just upgraded to SSH v3.7.1p2, and the all connections
    were refused, except the few accounts which had been used
    for real. (this on Linux and Solaris)

    I sppose it's a feature, but then it took a few hours to figure out
    as there doesn't seem to be any precedence.

    Simply changing '!!' (disabled) to '*' solved the problem for us.

    I didn't track down when the change was made, it could have been
    there waiting to bite us for a long time.

    So here goes (for google to know):

    sshd -ddd:
    ------------------
    debug1: do_authentication: illegal user mschulz <-----------------
    debug1: Attempting authentication for illegal user mschulz. <-----------------
    debug3: mm_auth_password entering
    debug3: mm_request_send entering: type 10
    debug3: monitor_read: checking request 10
    debug3: mm_answer_authpassword: sending result 0
    debug3: mm_request_send entering: type 11
    Failed none for illegal user mschulz from nnn.nnn.nnn.nnn port nn
    debug3: mm_request_receive entering
    debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
    debug3: mm_request_receive_expect entering: type 11
    debug3: mm_request_receive entering
    debug3: mm_auth_password: user not authenticated <-----------------
    debug3: mm_auth_rsa_key_allowed entering
    debug3: mm_request_send entering: type 31
    debug3: monitor_read: checking request 31
    debug3: mm_answer_rsa_keyallowed entering
    debug3: mm_request_send entering: type 32
    debug3: mm_request_receive entering
    debug3: mm_request_receive_expect entering: type 32
    debug3: mm_request_receive entering
    Failed rsa for illegal user mschulz from nnn.nnn.nnn.nnn port nn

    ssh -vvv (this didn't provide a useful clue, though)
    ---------------
    debug1: Next authentication method: publickey
    debug1: Offering public key: mschulz@some.company
    debug3: send_pubkey_test
    debug2: we sent a publickey packet, wait for reply
    debug1: Authentications that can continue: publickey,password,keyboard-interact


  • Next message: Turner, Carl H [NTK]: "ssh_exchange_identification error when using sftp"

    Relevant Pages

    • Re: ssh public key authentication
      ... authentication, the key was right (I checked it with another user and it ... worked) and the permissions of the .ssh directory were right. ... added these keys to the authorized_keys file but when I do ssh I'm ... debug3: send_pubkey_test ...
      (Ubuntu)
    • openssh doesnt query user for password
      ... debug2: ssh_connect: needpriv 0 ... debug1: Connection established. ... debug3: check_host_in_hostfile: match line 1 ... debug3: mm_request_send entering: type 0 ...
      (comp.security.ssh)
    • PAM issues with 3.7p and 3.8p
      ... debug1: Bind to port 2200 on::. ... Server listening on:: port 2200. ... debug3: mm_request_send entering: type 28 ... debug3: mm_request_receive_expect entering: type 29 ...
      (SSH)
    • password illegal (locked) problem with OpenSSH 3.7.1p2 on HP11
      ... debug1: read PEM private key done: type RSA ... debug3: preauth child monitor started ... debug2: kex_parse_kexinit: ... debug3: mm_request_send entering: type 0 ...
      (comp.security.ssh)
    • password illegal (locked) problem with OpenSSH 3.7.1p2 on HP11
      ... debug1: read PEM private key done: type RSA ... debug3: preauth child monitor started ... debug2: kex_parse_kexinit: ... debug3: mm_request_send entering: type 0 ...
      (comp.security.ssh)