I'm not sure whether it'd help, but that's what you should do after a clean install:
Disable Rhost and password authentication, only enable RSA authentication. Append your public key of your client into /home/username/.ssh/authorized_keys. Login with a ssh client with RSA support, like mindterm. Hope this help. Alan. > Hi all, > > I am having some trouble configuring an ssh server on my machine. > > Here is the problem. > My machine sits behind a firewall and ssh is the sole service exposed. > I setup ssh and it appears to work normally, except that it keeps asking me > for my "normal" password. The pass-phrase is never requested. > > I turned debugging on with the ssh client (running on the same machine) and > here is what I got: > > thorgal /etc/pam.d [60] -> ssh -v thorgal > SSH Version OpenSSH-1.2.3, protocol version 1.5. > Compiled with SSL. > debug: Reading configuration data /etc/ssh/ssh_config > debug: Applying options for * > debug: ssh_connect: getuid 500 geteuid 0 anon 0 > debug: Connecting to thorgal [127.0.0.1] port 22. > debug: Allocated local port 834. > debug: Connection established. > debug: Remote protocol version 1.5, remote software version OpenSSH-1.2.3 > debug: Waiting for server public key. > debug: Received server public key (768 bits) and host key (1024 bits). > debug: Forcing accepting of host key for loopback/localhost. > debug: Encryption type: 3des > debug: Sent encrypted session key. > debug: Installing crc compensation attack detector. > debug: Received encrypted confirmation. > debug: Trying RSA authentication via agent with '[EMAIL PROTECTED]' > debug: Server refused our key. > debug: RSA authentication using agent refused. > debug: Trying RSA authentication with key '[EMAIL PROTECTED]' > debug: Server refused our key. > debug: Doing password authentication. > .... > > > So the server refused the RSA-based authenticatioNov 5 21:06:06 thorgal > sshd[22859]: debug: sshd version OpenSSH-1.2.3 > Nov 5 21:06:07 thorgal sshd[22859]: debug: Bind to port 22 on 0.0.0.0. > Nov 5 21:06:07 thorgal sshd[22859]: Server listening on 0.0.0.0 port 22. > Nov 5 21:06:07 thorgal sshd[22859]: Generating 768 bit RSA key. > Nov 5 21:06:08 thorgal sshd[22859]: RSA key generation complete. > Nov 5 21:06:13 thorgal sshd[22859]: debug: Server will not fork when running > in debugging mode. > Nov 5 21:06:13 thorgal sshd[22859]: Connection from 127.0.0.1 port 834 > Nov 5 21:06:13 thorgal sshd[22859]: debug: Client protocol version 1.5; > client software version OpenSSH-1.2.3 > Nov 5 21:06:13 thorgal sshd[22859]: debug: Sent 768 bit public key and 1024 > bit host key. > Nov 5 21:06:13 thorgal sshd[22859]: debug: Encryption type: 3des > Nov 5 21:06:13 thorgal sshd[22859]: debug: Received session key; encryption > turned on. > Nov 5 21:06:13 thorgal sshd[22859]: debug: Installing crc compensation > attack detector. > Nov 5 21:06:13 thorgal sshd[22859]: debug: checking for shadow entry > Nov 5 21:06:13 thorgal sshd[22859]: debug: shadow entry found, verifying > Nov 5 21:06:13 thorgal sshd[22859]: debug: completed shadow checks > Nov 5 21:06:13 thorgal sshd[22859]: debug: Starting up PAM with username > "ldm" > Nov 5 21:06:13 thorgal sshd[22859]: debug: Attempting authentication for ldm. > Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port > 834 > Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port > 834 > > n. So I ran sshd with -d > and Here is what I got: > > Nov 5 21:06:06 thorgal sshd[22859]: debug: sshd version OpenSSH-1.2.3 > Nov 5 21:06:07 thorgal sshd[22859]: debug: Bind to port 22 on 0.0.0.0. > Nov 5 21:06:07 thorgal sshd[22859]: Server listening on 0.0.0.0 port 22. > Nov 5 21:06:07 thorgal sshd[22859]: Generating 768 bit RSA key. > Nov 5 21:06:08 thorgal sshd[22859]: RSA key generation complete. > Nov 5 21:06:13 thorgal sshd[22859]: debug: Server will not fork when running > in debugging mode. > Nov 5 21:06:13 thorgal sshd[22859]: Connection from 127.0.0.1 port 834 > Nov 5 21:06:13 thorgal sshd[22859]: debug: Client protocol version 1.5; > client software version OpenSSH-1.2.3 > Nov 5 21:06:13 thorgal sshd[22859]: debug: Sent 768 bit public key and 1024 > bit host key. > Nov 5 21:06:13 thorgal sshd[22859]: debug: Encryption type: 3des > Nov 5 21:06:13 thorgal sshd[22859]: debug: Received session key; encryption > turned on. > Nov 5 21:06:13 thorgal sshd[22859]: debug: Installing crc compensation > attack detector. > Nov 5 21:06:13 thorgal sshd[22859]: debug: checking for shadow entry > Nov 5 21:06:13 thorgal sshd[22859]: debug: shadow entry found, verifying > Nov 5 21:06:13 thorgal sshd[22859]: debug: completed shadow checks > Nov 5 21:06:13 thorgal sshd[22859]: debug: Starting up PAM with username > "ldm" > Nov 5 21:06:13 thorgal sshd[22859]: debug: Attempting authentication for ldm. > Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port > 834 > Nov 5 21:06:13 thorgal sshd[22859]: Failed rsa for ldm from 127.0.0.1 port > 834 > > > The last two lines are intriguing. I even attempted to wipe out my .ssh and > regenerate keys but it didn't help. > > Any ideas ? > > Thanks for any help/pointer. > > > -- > Laurent > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > >
