hostbased debugging
- From: mstenner@xxxxxxxxx
- Date: 27 Sep 2006 10:28:01 -0700
OK, here's the short version. I have many machines. They're all
pretty close to identical. Hostbased auth works on (and between) all
but one. I cannot log INTO the one where it doesn't work. I have:
* correct keys in ssh_host_*_key and ssh_host_*_key.pub
* those same keys correctly added to ssh_known_hosts (as hostname,
FQDN, and IP)
* the host appearing (tried hostname, FQDN, and IP) in /etc/hosts
* the host appearing (tried hostname, FQDN, and IP) in shosts.equiv
and /root/.shosts
* trying both as root and regular user
* hostbased on in both ssh_config and sshd_config
I'm running OpenSSH 3.6.1p2. There is one thing that makes this
machine different from the others. They others form a private network
with one acting as the gateway. This machine is just a regular machine
outside that network. I would think that would make things EASIER,
though. It's also possible that something has become munged in the
tweeking process. I have removed and reinstalled sshd. I'm
contemplating a full system reinstall, but would certainly rather not
do that.
I'm including below (cleansed) snippets of the output from "sshd -d -d
-d" and "ssh -vvv thehost". It's clear that hostbased is failing with
"key 0x8772d40 is disallowed" but I don't know WHY. Any help or other
things to try would be much appreciated.
-Michael
Server:
debug1: userauth-request for user ash service ssh-connection method
hostbaseddebug1: attempt 1 failures 1
debug2: input_userauth_request: try method hostbased
debug1: userauth_hostbased: cuser ash chost serv. pkalg ssh-dss slen 55
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
debug3: monitor_read: checking request 20
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x8772d40
debug2: userauth_hostbased: chost serv. resolvedname serv ipaddr
125.135.21.115
debug2: auth_rhosts2: clientuser ash hostname serv. ipaddr serv.
debug1: temporarily_use_uid: 578/578 (e=0/0)
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug1: restore_uid: 0/0
debug1: temporarily_use_uid: 578/578 (e=0/0)
debug1: restore_uid: 0/0
debug3: mm_answer_keyallowed: key 0x8772d40 is disallowed
debug3: mm_request_send entering: type 21
debug3: mm_request_receive entering
debug2: userauth_hostbased: authenticated 0
Failed hostbased for ash from 125.135.21.115 port 33514 ssh2
debug1: userauth-request for user ash service ssh-connection method
hostbaseddebug1: attempt 2 failures 2
debug2: input_userauth_request: try method hostbased
debug1: userauth_hostbased: cuser ash chost serv. pkalg ssh-rsa slen
143
debug3: mm_key_allowed entering
debug3: mm_request_send entering: type 20
debug3: monitor_read: checking request 20
debug3: mm_answer_keyallowed entering
debug3: mm_answer_keyallowed: key_from_blob: 0x8772d50
debug2: userauth_hostbased: chost serv. resolvedname serv ipaddr
125.135.21.115
debug2: auth_rhosts2: clientuser ash hostname serv. ipaddr serv.
debug1: temporarily_use_uid: 578/578 (e=0/0)
debug1: restore_uid: 0/0
debug1: temporarily_use_uid: 578/578 (e=0/0)
debug1: restore_uid: 0/0
debug3: mm_answer_keyallowed: key 0x8772d50 is disallowed
debug3: mm_request_send entering: type 21
debug3: mm_request_receive entering
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug2: userauth_hostbased: authenticated 0
Failed hostbased for ash from 125.135.21.115 port 33514 ssh2
Client:
debug1: Next authentication method: hostbased
debug2: userauth_hostbased: chost serv.
debug2: ssh_keysign called
debug3: ssh_msg_send: type 2
debug3: ssh_msg_recv entering
debug2: we sent a hostbased packet, wait for reply
debug1: Authentications that can continue:
publickey,password,keyboard-interactive,hostbased
debug2: userauth_hostbased: chost ocplservice.
debug2: ssh_keysign called
debug3: ssh_msg_send: type 2
debug3: ssh_msg_recv entering
debug2: we sent a hostbased packet, wait for reply
debug1: Authentications that can continue:
publickey,password,keyboard-interactive,hostbased
debug1: No more client hostkeys for hostbased authentication.
.
- Prev by Date: SFTP file upload issue
- Next by Date: Re: SFTP file upload issue
- Previous by thread: SFTP file upload issue
- Next by thread: authentication via key pairs
- Index(es):
Relevant Pages
|
|
