pka passphrase not working
- From: "James Stickland" <jstic04@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 13 Mar 2006 13:45:22 -0500
Hello, i am using openssh 4.3
Connecting raw to the server i get this header
"SSH-1.5-OpenSSH_4.3"
I built from source using the default options; configure, make and make
install.
The following is my sshd_config:
Port 22
Protocol 2,1
HostKey /usr/local/etc/ssh_host_key
StrictModes yes
MaxAuthTries 6
RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys
PasswordAuthentication no
PermitEmptyPasswords no
UseLogin no
UsePrivilegeSeparation yes
PermitUserEnvironment no
My goal using this config mainly is to have it so a user must have a copy of
the private key, and their public key must be in the authorized_keys file
for that user.
What i would also like to do is have a passphrase for the private key. When
i do so with ssh-keygen, sshd wont load. a "cant load key" type of message
is given.
Secondly, if the user has the private key, and their public key is in the
authorized_key file, i would like sshd to then further authenticate with the
users local password. How can i make it so that PKA, passphrase and
password authentication both take place?
Currently with this config, when the user connects, the client tries PKA. if
successful, they are dropped to a shell. If PKA is not successful, they are
given a password prompt, to which the correct user password does not
succeed. I want to add a passphrase, and also require password
authentication following the PKA.
I created my public/private keys using this:
ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N "passphrase"
However, adding a passphrase to the private key causes sshd's failure to
load. Leaving it null causes sshd to load.
- Prev by Date: gssapi-with-mic and a Windows AD KDC
- Next by Date: Can SSH emulate SCO-ANSI ?
- Previous by thread: gssapi-with-mic and a Windows AD KDC
- Next by thread: Can SSH emulate SCO-ANSI ?
- Index(es):
Relevant Pages
|
