Hi all, I am having some trouble configuring an ssh server on my machine.
Here is the problem. My machine sits behind a firewall and ssh is the sole service exposed. I setup ssh and it appears to work normally, except that it keeps asking me for my "normal" password. The pass-phrase is never requested. I turned debugging on with the ssh client (running on the same machine) and here is what I got: thorgal /etc/pam.d [60] -> ssh -v thorgal SSH Version OpenSSH-1.2.3, protocol version 1.5. Compiled with SSL. debug: Reading configuration data /etc/ssh/ssh_config debug: Applying options for * debug: ssh_connect: getuid 500 geteuid 0 anon 0 debug: Connecting to thorgal [127.0.0.1] port 22. debug: Allocated local port 834. debug: Connection established. debug: Remote protocol version 1.5, remote software version OpenSSH-1.2.3 debug: Waiting for server public key. debug: Received server public key (768 bits) and host key (1024 bits). debug: Forcing accepting of host key for loopback/localhost. debug: Encryption type: 3des debug: Sent encrypted session key. debug: Installing crc compensation attack detector. debug: Received encrypted confirmation. debug: Trying RSA authentication via agent with '[EMAIL PROTECTED]' debug: Server refused our key. debug: RSA authentication using agent refused. debug: Trying RSA authentication with key '[EMAIL PROTECTED]' debug: Server refused our key. debug: Doing password authentication. .... So the server refused the RSA-based authenticatioNov 5 21:06:06 thorgal sshd[22859]: debug: sshd version OpenSSH-1.2.3 Nov 5 21:06:07 thorgal sshd[22859]: debug: Bind to port 22 on 0.0.0.0. Nov 5 21:06:07 thorgal sshd[22859]: Server listening on 0.0.0.0 port 22. Nov 5 21:06:07 thorgal sshd[22859]: Generating 768 bit RSA key. Nov 5 21:06:08 thorgal sshd[22859]: RSA key generation complete. Nov 5 21:06:13 thorgal sshd[22859]: debug: Server will not fork when running in debugging mode. Nov 5 21:06:13 thorgal sshd[22859]: Connection from 127.0.0.1 port 834 Nov 5 21:06:13 thorgal sshd[22859]: debug: Client protocol version 1.5; client software version OpenSSH-1.2.3 Nov 5 21:06:13 thorgal sshd[22859]: debug: Sent 768 bit public key and 1024 bit host key. Nov 5 21:06:13 thorgal sshd[22859]: debug: Encryption type: 3des Nov 5 21:06:13 thorgal sshd[22859]: debug: Received session key; encryption turned on. Nov 5 21:06:13 thorgal sshd[22859]: debug: Installing crc compensation attack detector. Nov 5 21:06:13 thorgal sshd[22859]: debug: checking for shadow entry Nov 5 21:06:13 thorgal sshd[22859]: debug: shadow entry found, verifying Nov 5 21:06:13 thorgal sshd[22859]: debug: completed shadow checks Nov 5 21:06:13 thorgal sshd[22859]: debug: Starting up PAM with username "ldm" Nov 5 21:06:13 thorgal sshd[22859]: debug: Attempting authentication for ldm. Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port 834 Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port 834 n. So I ran sshd with -d and Here is what I got: Nov 5 21:06:06 thorgal sshd[22859]: debug: sshd version OpenSSH-1.2.3 Nov 5 21:06:07 thorgal sshd[22859]: debug: Bind to port 22 on 0.0.0.0. Nov 5 21:06:07 thorgal sshd[22859]: Server listening on 0.0.0.0 port 22. Nov 5 21:06:07 thorgal sshd[22859]: Generating 768 bit RSA key. Nov 5 21:06:08 thorgal sshd[22859]: RSA key generation complete. Nov 5 21:06:13 thorgal sshd[22859]: debug: Server will not fork when running in debugging mode. Nov 5 21:06:13 thorgal sshd[22859]: Connection from 127.0.0.1 port 834 Nov 5 21:06:13 thorgal sshd[22859]: debug: Client protocol version 1.5; client software version OpenSSH-1.2.3 Nov 5 21:06:13 thorgal sshd[22859]: debug: Sent 768 bit public key and 1024 bit host key. Nov 5 21:06:13 thorgal sshd[22859]: debug: Encryption type: 3des Nov 5 21:06:13 thorgal sshd[22859]: debug: Received session key; encryption turned on. Nov 5 21:06:13 thorgal sshd[22859]: debug: Installing crc compensation attack detector. Nov 5 21:06:13 thorgal sshd[22859]: debug: checking for shadow entry Nov 5 21:06:13 thorgal sshd[22859]: debug: shadow entry found, verifying Nov 5 21:06:13 thorgal sshd[22859]: debug: completed shadow checks Nov 5 21:06:13 thorgal sshd[22859]: debug: Starting up PAM with username "ldm" Nov 5 21:06:13 thorgal sshd[22859]: debug: Attempting authentication for ldm. Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port 834 Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port 834 The last two lines are intriguing. I even attempted to wipe out my .ssh and regenerate keys but it didn't help. Any ideas ? Thanks for any help/pointer. -- Laurent
