Re: OpenSsh 3.6.1 on Netware, public keys

From: Gene Siepka (gsie44_at_tsg.cbot.com)
Date: 07/09/04

  • Next message: Lucio Crusca: "Re: Disable SFTP/SCP but not SSH?"
    To: secureshell@securityfocus.com
    Date: Fri, 9 Jul 2004 09:20:08 -0500
    
    

    I got my answer finally on this, in case anyone cares..

    The answer is, wait for the next version. Talked to an OpenSsh expert at
    Novell. The NetWare port of OpenSSH authenticates only against
    eDirectory via ldap using password only.
    This shouldn't have even worked for me the first time.
    Oh well.

    -Gene Siepka

    On Wednesday 30 June 2004 08:29 am, Gene Siepka wrote:
    > Hey kids...
    >
    > I'm having a strange issue here that I was hoping someone can shed light
    > on.
    >
    > Our Netware admin and I are working on using scp to transfer some files
    > from a Solaris 9 Box to a Netware 6.5 server.
    >
    > We turned on the SSH service on the Netware server, had to muck with the
    > sshd_config file a little. The actual scp works fine (kinda). Except for
    > that even on a successful transfer it gives a RC=1 !?!?!
    >
    > Anyway, the real issue is that we can't get the public key authentication
    > to stay working. I can do the scp only ONCE after restarting the sshd
    > service on the Netware box. The second try and all subsequent attempts fail
    > with a Public Key failure message.
    > Yes I can log in successfully with a password, but I need to be able to
    > script this, hence the reason for the key authentication..
    >
    > To even get the public key authentication to work even the first time, we
    > had to change STRICT MODES to NO in the sshd_config, I gather because of
    > the wierd file permissions on the Novell box.
    >
    > We've tested this several times, only the first attempt after restarting
    > sshd does it allow the key authentication to work...
    >
    > Any ideas anyone has would be greatly appreciated.
    >
    > Thanks in advance
    >
    > Gene Siepka
    > Senior Systems Administrator
    > Chicago Board of Trade


  • Next message: Lucio Crusca: "Re: Disable SFTP/SCP but not SSH?"