RE: SHADOW - ssh autologon problem

From: Jerry A. Shenk (jshenk@decommunications.com)
Date: 01/25/02 

From: "Jerry A. Shenk" <jshenk@decommunications.com>
To: "Focus on Intrusion Detection Systems" <FOCUS-IDS@securityfocus.com>
Date: Fri, 25 Jan 2002 13:27:50 -0500

I got it! I thought the problem was on the scp line - it wasn't, the
problem was on the ssh line that checks some files on the sentry. That line
was pointing to /usr/local/bin/ssh - that's a link that changed to ssh2.

Thanks!

> -----Original Message-----
> From: Richard Gilman [mailto:Richard.Gilman@ntn.com]
> Sent: Friday, January 25, 2002 12:21 PM
> To: 'Jerry A. Shenk'; Focus on Intrusion Detection Systems
> Subject: RE: SHADOW - ssh autologon problem
>
>
> Is it possible that you have installed a new version of ssh? I believe the
> SHADOW.conf does a `which ssh` to determine which binary to run.
> Could it be
> finding a different version (i.e. ssh1 vs. ssh2) than the one you are
> execute at the prompt. The only other thing that comes to mind is that the
> user that has the keys setup with the empty passphrase is somehow not the
> same user the fetchem.pl is running under.
>
> Rich
>
> -----Original Message-----
> From: Jerry A. Shenk [mailto:jshenk@decommunications.com]
> Sent: Friday, January 25, 2002 5:32 AM
> To: Focus on Intrusion Detection Systems
> Subject: SHADOW - ssh autologon problem
>
>
> I'm having a bit of a problem with a SHADOW installation that's been
> running for two years. The problem is that I can't keep from
> being prompted
> for a password when fetchem.pl runs (using the -debug switch and watching
> /tmp/fetchem.log). If I try to scp or ssh from the command-line,
> I'm right
> in, without the password prompt.
>
> --------------------------------------------------------------
> Jerry A. Shenk - MCNE, CCNA,
> GCIA (GIAC Certified Intrusion Analyst)
> GCIH (GIAC Certified Intrusion Handler)
> Sr. Systems Engineer - Computer Networking Services
> D&E Networks, Inc.
> jshenk@decommunications.com (also jas@decns.com)
> 1-877-433-8632 Fax via efax: (253) 323-5149 (new number 6/9/01)
>
> my website: http://jerryslinux.dyndns.org/jas - PGP sig. file on
> this site

Relevant Pages

  • Re: SSH login automation, get stuck at the last step.
    ... will get stuck running the batch file. ... and then the prompt. ... When I execute my script on the top, ... Does anybody know about using Expect to do ssh login and then run any ...
    (comp.lang.tcl)
  • ssh prompt quit after timeout
    ... In ssh even if the LoginGraceTime has ended the prompt will be there until ... Esta mensagem é para uso exclusivo de seu destinatário e pode conter ... informações privilegiadas e confidenciais.Se você não é o destinatário, ...
    (SSH)
  • RE: ssh prompt timeout
    ... If the reader of the message is not the intended recipient, ... Subject: ssh prompt timeout ... >informações privilegiadas e confidenciais. ...
    (RedHat)
  • Re: Defering passphrase entry with ssh-add
    ... it checks for valid credentials in the agent but continues with other Preferred Authentication mechanisms if not found (ie password prompt). ... There are several drawbacks to ssh adding all keys it found every time you tried an ssh session: ...
    (SSH)
  • Re: Problems with User Authentication using PAM & LDAP
    ... >> Anyone had problems trying to connect via ssh to FC2 server setup for ... >> When I ssh to FC2 it prompts for my password. ... >> password at the first prompt it lets me in. ...
    (Fedora)