On Sat, Oct 16, 2010 at 4:12 PM, Basil Kurian <[email protected]> wrote: > > Hi Siju > > Can you add the details of enabling ssh login into DragonflyBSD box , in that > wiki ? > > I tried adding sshd_enable="YES" into rc.conf and rcstart sshd >
If you try to ssh to a newly installed dfly you will get this error ~$ ssh [email protected] ssh: connect to host 172.16.50.62 port 22: Connection refused This is because sshd is not up and running on dfly At this pint if you check /etc/ssh you only have the following files # ls blacklist.DSA-1024 blacklist.RSA-2048 ssh_config blacklist.DSA-2048 blacklist.RSA-4096 sshd_config blacklist.RSA-1024 moduli you don't have any host keys generated for the system When you start sshd for the first time it is best to start it through the "/etc/rc.d/sshd" script which will automatically generate the host keys. For this to work right you need to do the following steps 1) Enable sshd in rc.conf #echo "sshd_enable=yes" >> /etc/rc.conf 2) Start the sshd server using the rc script # /etc/rc.d/sshd start Generating public/private rsa1 key pair. Your identification has been saved in /etc/ssh/ssh_host_key. Your public key has been saved in /etc/ssh/ssh_host_key.pub. The key fingerprint is: ........ Generating public/private dsa key pair. Your identification has been saved in /etc/ssh/ssh_host_dsa_key. Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub. The key fingerprint is: ........ Starting sshd. Now if you go back and look in /etc/ssh you will find more files # ls blacklist.DSA-1024 moduli ssh_host_key.pub blacklist.DSA-2048 ssh_config ssh_host_rsa_key blacklist.RSA-1024 ssh_host_dsa_key ssh_host_rsa_key.pub blacklist.RSA-2048 ssh_host_dsa_key.pub sshd_config blacklist.RSA-4096 ssh_host_key Ok now. if you try to ssh to the dfly you will get the error you got ~$ ssh [email protected] The authenticity of host '172.16.50.62 (172.16.50.62)' can't be established. RSA key fingerprint is 46:77:28:c2:70:86:93:1a:23:32:5f:01:2c:80:de:de. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '172.16.50.62' (RSA) to the list of known hosts. Permission denied (publickey). This is because of the line # To disable tunneled clear text passwords, change to no here! # We disable cleartext passwords by default PasswordAuthentication no in /etc/ssh/sshd_config to PasswordAuthentication yes and # /etc/rc.d/sshd reload Reloading sshd config files. then you can login as a normal user $ ssh [email protected] [email protected]'s password: Last login: Tue Oct 19 04:17:47 2010 Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. DragonFly v2.7.3.1283.gfa568-DEVELOPMENT (GENERIC.MP) #3: Thu Oct 14 12:01:24 IST 2010 .... But if you try to ssh login as root to dfly at this point you get an error $ ssh [email protected] [email protected]'s password: Permission denied, please try again. If you investigate the logs of the dfly server /var/log/auth.log you will find a line like Failed password for root from 172.16.2.0 port 59865 ssh2 even if you typed the right password for root. It is because of the Line # only allow root logins via public key pair PermitRootLogin without-password in /etc/ssh/sshd_config which alloes only SSH key based authentication. if you change it to PermitRootLogin yes and # /etc/rc.d/sshd reload Reloading sshd config files. then you will have $ ssh [email protected] [email protected]'s password: Last login: Fri Oct 8 12:22:40 2010 Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. DragonFly v2.7.3.1283.gfa568-DEVELOPMENT (GENERIC.MP) #3: Thu Oct 14 12:01:24 IST 2010 Welcome to DragonFly! on the dfly log file /var/log/auth.log you will find Accepted password for root from 172.16.2.0 port 56468 ssh2 I will update the dragonflybsd wiki as i get time. Thanks for the suggestion :-) hope this helps --Siju _______________________________________________ bsd-india mailing list [email protected] http://www.bsd-india.org/mailman/listinfo/bsd-india
