-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I've had similar problems with sshd from Fink's openssh off and on for a long time. (check the mailing list archives) Copying the host keys doesn't help.
I just tried this out, and I see what appears to be the same thing, even when trying to log in on my local machine. I'll post the 'sshd -d' and 'ssh -vvv' output logs later. Adeyemi Adesanya wrote: > Hi Robert. > > Yes, I saw the note about the host keys. The reason for trying the > Fink port of openssh is an issue with Apple's port related to kerberos > logins and kerberos ticket caching. This kerberos functionality is > working OK in the Fink port so I don't want people to get confused. > What is NOT working in the fink port is normal password > authentication. I just want to get some feedback from anyone who is > using the fink or macport version of openssh. > > ------- > Yemi > > On Aug 12, 2009, at 3:02 PM, Robert Wyatt wrote: > >> Yemi, >> Sorry that I'm not really helping, but did you read the output of >> fink info openssh >> regarding the notes about host keys? >> >> ... and what motivated you to use openssh instead of the built-in >> sshd? I have to confess that I use the built in and am not familiar >> with the finer points of the fink openssh implementation, which >> means that I would be better able to help you debug the built-in. >> >> On the other hand, you DID come to the right mailing list, so it's >> possible that someone else might chime in with a better answer. >> >> I believe this is the relevant section of your log. >> >> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received >> debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent >> debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT >> debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent >> debug1: SSH2_MSG_NEWKEYS sent >> debug1: expecting SSH2_MSG_NEWKEYS >> debug1: SSH2_MSG_NEWKEYS received >> debug1: KEX done >> debug1: userauth-request for user yemilocal service ssh-connection >> method none >> debug1: attempt 0 failures 0 >> Failed none for yemilocal from 127.0.0.1 port 49304 ssh2 >> debug1: userauth-request for user yemilocal service ssh-connection >> method keyboard-interactive >> debug1: attempt 1 failures 0 >> debug1: keyboard-interactive devs >> debug1: auth2_challenge: user=yemilocal devs= >> debug1: kbdint_alloc: devices '' >> debug1: userauth-request for user yemilocal service ssh-connection >> method password >> debug1: attempt 2 failures 1 >> >> >> >> Adeyemi Adesanya wrote: >>> Hi Robert. >>> >>> Sorry for any confusion! I'll try and simplify matters and keep >>> kerberos out of the discuss for now. The problem is related to >>> normal password authentication and does not involve kerberos. >>> >>> Basically I have an account 'yemilocal' on an OS X 10.5.x system >>> called 'mymac'. I can ssh to yemilo...@mymac just fine when I run >>> the default sshd on mymac (as supplied with OS X 10.5.x). However, >>> when I run the MacPort or Fink sshd version 5.2, I am unable to >>> login - my password is not authenticated correctly. >>> >>> Here's the debug output of the sshd (invoked using '/sw/bin/sshd - >>> d). Note that I am trying to connect using the account name >>> yemilocal from localhost. UsePAM is disabled and >>> KerberosAuthentication is disabled: >>> >>> ------ >>> Yemi >>> >>> >>> >>> On Aug 12, 2009, at 12:59 PM, Robert Wyatt wrote: >>> >>>> Hi Adeyemi, >>>> >>>> It seems I misunderstood your original question. I'm familiar with >>>> using ssh to login from a remote computer to a local account (and >>>> with >>>> preventing unwanted logins of this type), it seems that's not your >>>> goal and I'm not familiar with using Kerberos except that I know the >>>> machine's clocks must be synchronized. Are you using verbose logging >>>> to help debug your situation? >>>> >>>> Adeyemi Adesanya wrote: >>>>> Hi Robert. >>>>> >>>>> UsePAM is disabled. Kerberos logins work great with >>>>> KerberosAuthentication enabled but local logins do not work. >>>>> >>>>> I tried enabling UsePAM and things got interesting......both >>>>> kerberos >>>>> and local login attempts resulted in the motd (message of the day) >>>>> output followed by immediate disconnection. Probably best if I >>>>> try and >>>>> get things working without PAM first?? >>>>> >>>>> ------- >>>>> Yemi >>>>> >>>>> On Aug 12, 2009, at 12:21 PM, Robert Wyatt wrote: >>>>> >>>>>> Have you enabled UsePAM? >>>>>> >>>>>> Adeyemi Adesanya wrote: >>>>>>> Hi There. >>>>>>> >>>>>>> I am considering running a non-Apple port of OpenSSH because the >>>>>>> implementation of sshd that ships with OS X 10.5.x does not >>>>>>> correctly >>>>>>> cache forwarded Kerberos tickets. >>>>>>> >>>>>>> I started taking a look at the MacPorts and Fink port of OpenSSH >>>>>>> 5.2p1. I had no problems installing it using MacPorts or Fink >>>>>>> but I am >>>>>>> unable to login to sshd daemon using a regular, local (not >>>>>>> kerberos >>>>>>> account). Has anyone had any luck with sshd? If so, could you >>>>>>> share >>>>>>> your sshd_config file with me? Kerberos logins work fine with the >>>>>>> KerberosAuthentication option enabled but I'm having no luck with >>>>>>> local account password authentication. >>>>>>> >>>>>>> -------- >>>>>>> Yemi > > > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkqEcfoACgkQB8UpO3rKjQ+apACghrUpv8eeXngfdAK5TWS6uF/q P/cAnA+LXdjxU4EFsLJommN1MBQWKi9I =Dc3i -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Fink-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/fink-users
