On Tue, 20 May 2008 08:20:04 +0100 "Alexandros Papadopoulos" <[EMAIL PROTECTED]> wrote:
> I administer a couple of remote Debian servers and must say the latest > security update has left me stranded. My only access to these machines > was over SSH, using keys. So I logged in the other night and this was > the series of events: > + I enabled password authentication in sshd_config > (PasswordAuthentication yes) > + aptitude update && aptitude dist-upgrade, which updated the packages > and restarted the openssh daemon > + shortly thereafter my SSH connection was terminated > + I tried to login to the machine, but never got the chance: > > <snip> > debug1: Host '[hostname.domainname]:222' is known and matches the RSA > host key. debug1: Found key in /home/user/.ssh/known_hosts:1 > debug2: bits set: 497/1024 > debug1: ssh_rsa_verify: signature correct > debug2: kex_derive_keys > debug2: set_newkeys: mode 1 > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug2: set_newkeys: mode 0 > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug2: service_accept: ssh-userauth > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug2: key: /home/user/.ssh/identity ((nil)) > debug2: key: /home/user/.ssh/id_rsa ((nil)) > debug2: key: /home/user/.ssh/id_dsa ((nil)) > debug1: Authentications that can continue: > publickey,keyboard-interactive debug3: start over, passed a different > list publickey,keyboard-interactive debug3: preferred > gssapi-keyex,gssapi-with-mic,gssapi,publickey,keyboard-interactive,password > debug3: authmethod_lookup publickey > debug3: remaining preferred: keyboard-interactive,password > debug3: authmethod_is_enabled publickey > debug1: Next authentication method: publickey > debug1: Trying private key: /home/user/.ssh/identity > debug3: no such identity: /home/user/.ssh/identity > debug1: Trying private key: /home/user/.ssh/id_rsa > debug3: no such identity: /home/user/.ssh/id_rsa > debug1: Trying private key: /home/user/.ssh/id_dsa > debug3: no such identity: /home/user/.ssh/id_dsa > debug2: we did not send a packet, disable method > debug3: authmethod_lookup keyboard-interactive > debug3: remaining preferred: password > debug3: authmethod_is_enabled keyboard-interactive > debug1: Next authentication method: keyboard-interactive > debug2: userauth_kbdint > debug2: we sent a keyboard-interactive packet, wait for reply > debug1: Authentications that can continue: > publickey,keyboard-interactive debug3: userauth_kbdint: disable: no > info_req_seen debug2: we did not send a packet, disable method > debug1: No more authentication methods to try. > Permission denied (publickey,keyboard-interactive). > > Why does it not give me the opportunity to login via interactive > password authentication? I tried logging in from a windows box with > putty and again got a "no authentication methods available" message > and a dropped connection. > > I've instructed people over the phone to check that hosts.deny is > blank, that denyhosts scripts are stopped, that the openssh daemon is > restarted (after having regenerated its keys)... > > I can't understand what's wrong - would very much like to see a howto > detailing what the upgrade procedure is for people maintaining servers > remotely. I am also maintaining a couple of machines, and I found the information in /usr/share/doc/openssh-server useful. > Cheers > > -A > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
