SSH protocol2 without a password

From: Ray Hinse (rhinse@attbi.com)
Date: 01/11/02 

From: "Ray Hinse" <rhinse@attbi.com>
Date: Fri, 11 Jan 2002 17:04:27 GMT

Have read 'ssh without a password' and apparently the problem lingers.
I have a similar problem in that I cannot 'ssh hostname' without a password
even though ssh_config contains the lines:

   Host *
   ForwardAgent no
   ForwardX11 no
   ConnectionAttempts 4
   HostbasedAuthentication no
   HostKeyAlgorithms ssh-rsa,ssh-dss
   PubkeyAuthentication yes
   PreferredAuthentications publickey,password,keyboard-interactive
   BatchMode no
   CheckHostIP yes
   StrictHostKeyChecking ask
   IdentityFile ~/.ssh/id_rsa
   Port 22
   Protocol 2
   Ciphers
blowfish-cbc,aes128-cbc,3des-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
   EscapeChar ~

The sshd_config files on all other computers contain:
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
LoginGraceTime 600
KeyRegenerationInterval 3600
#PermitRootLogin yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes

# Logging
SyslogFacility AUTH
LogLevel DEBUG
#obsoletes QuietMode and FascistLogging

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
#RSAAuthentication yes
PubkeyAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
Subsystem sftp /usr/libexec/sftp-server

Looking at /var/log/messages when the server (sshd) is started with a DEBUG
log level:

Starting SSH Daemon
socket: Address family not supported by protocol
server listening on 0.0.0.0 Port 22

I don't know exactly what this might mean although several comments on the
net seem to
think that CONFIG_PACKET=n is the problem. However my kernel is compiled
with a y.
This does not seem to effect the ssh connection other than requiring a
password. Further log
entries are:

connection from 192.168.0.1 port 32769
enabling compatibility mode for protocol 2.0
failed none for root from 192.168.0.1 port 32769 ssh2
failed publickey for root from 192.168.0.1 port 32769 ssh2
accepted password for root from 192.168.0.1 port 32769 ssh2
could not reverse map address 192.168.0.1

My ~/.ssh and files contained therein have the appropriate permissions as
well as /etc/ssh.
The public keys for connecting machines are in ~/.ssh/known_hosts2 and have
not been
altered. Even if they were 'StrictHostKeyChecking ask ' would allow the
change to be
entered.

I'm at a real loss here trying to figure out what's wrong. I anyone has a
suggestion or can
spot the problem, I'd appreciate hearing about it.

Relevant Pages

  • PuTTY terminate on open Alteon Director - Contains packet dump (LONG POSTING)
    ... Using SSH protocol version 1 ... I have also tried multiple different protocol settings and bugs ... Header checksum: 0xbdc1 ... Transmission Control Protocol, Src Port: 2759, Dst Port: ssh ...
    (comp.security.ssh)
  • Re: Odd ssh attacks?
    ... port 57194 ssh2 ... The first thing to do is to set ssh so users have to use a key rather ... IT Services Division, Kilburn Building, Oxford Road, Manchester M13 9PL. ...
    (Ubuntu)
  • Re: sshd question
    ... Three days ago my Linux box stopped ... piotrs from 201.63.24.60 port 46229 ssh2 ... Couple of things on securing ssh. ...
    (comp.os.linux.networking)
  • it this is ssh issue ?
    ... ssh issue or DNS related problem? ... port 35375 ssh2 ...
    (RedHat)
  • RE: Anyone else seeing SSH scans?
    ... I have seen an significant increase of scans on our ssh ports... ... trying different accounts such as root or admin. ... port 41402 ssh2 ...
    (Incidents)