F-Secure problem with system trying using pub/priv keys to authenticate back to itself
From: Sean O'Neill (sean@deletethistorespond.seanoneill.deletethistorespond.info)Date: 04/11/02
- Next message: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Previous message: Oeyvind Pedersen: "Re: SH.ARON/NETANY.AHU - w.ar criminals - [3/3]"
- Next in thread: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Reply: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Reply: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Sean O'Neill <sean@deletethistorespond.seanoneill.deletethistorespond.info> Date: Thu, 11 Apr 2002 16:13:04 GMT
Solaris 8 system running ssh: F-Secure-SSH-2.1.0 dss. I noticed
that F-Secure is at 3.0.9 these days. Don't know if this will resolve
this little problem of mine.
Why I'm trying to do this has to do with getting around a firewall
restriction - no I'm not going around security controls. I'm trying
to setup something to use rsync tunneled through ssh using a REMOTE
tunnel for rsync. And rsync is a pain-in-the-neck because it wants to
use RSH or SSH.
I need to get get a login to authenticate right back into itself using
pub/priv keys. BTW, OpenSSH does this with no problems. Keys are
setup correctly for how F-secure wants them. I know this because I
can ssh in using pub/priv keys from remote host into this same login
just fine using OpenSSH.
Basically, want this to work with no password prompts:
perfboy $ ssh localhost
-or-
perfboy $ ssh -l perfboy localhost
What I get debug wise is this:
warning: Development-time debugging not compiled in.
warning: To enable, configure with --enable-debug and recompile.
debug: hostname is '127.0.0.1'.
warning: Development-time debugging not compiled in.
warning: To enable, configure with --enable-debug and recompile.
warning: Development-time debugging not compiled in.
warning: To enable, configure with --enable-debug and recompile.
debug: connecting to 127.0.0.1...
debug: ssh_client_wrap: creating transport protocol
debug: Ssh2Client/sshclient.c:1015/ssh_client_wrap: creating userauth
protocol
debug: entering event loop
debug: Remote version: SSH-1.99-2.1.0 dss F-SECURE SSH
debug: Ssh2Client/sshclient.c:349/keycheck_key_match: Host key found
from database.
debug: Ssh2AuthClient/sshauthc.c:304/ssh_authc_completion_proc: Method
'publickey' disabled.
debug: Ssh2AuthPasswdClient/authc-passwd.c:82/ssh_client_auth_passwd:
Starting password query...
perfboy's password:
Here the problem that I see after performing several trusses on the
sshd daemon. When F-Secure gets the "local" connection from this
login and NEVER reads the ~perfboy/.ssh2 stuff. IT READS ROOT's !!!!
That's is totally WHACKED. It only touches the perfboy .ssh2 stuff
only after I've typed in the login password correctly and am about to
get a ksh shell prompt.
The remote pub/priv key login also initially "touches" the root /.ssh2
directory but later on it reads all the information it needs from the
~perfboy/.ssh2 directory and log in with no password correctly.
So why does OpenSSH do this "local" to "local" pub/priv key stuff just
fine and F-Secure forces password authentication (because it never
reads the login your trying to get to .ssh2 information) ?
A confused and PISSED OFF mind wants to know.
-- ........................................................ ......... ..- -. .. -..- .-. ..- .-.. . ... ............ .-- .. -. -... .-.. --- .-- ... -.. .-. --- --- .-.. ...Sean O'Neill sean@deletethistorespond.seanoneill.deletethistorespond.info
- Next message: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Previous message: Oeyvind Pedersen: "Re: SH.ARON/NETANY.AHU - w.ar criminals - [3/3]"
- Next in thread: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Reply: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Reply: Richard E. Silverman: "Re: F-Secure problem with system trying using pub/priv keys to authenticate back to itself"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
