Re: ssh problem

Wed, 06 Sep 2006 23:32:21 -0700 

Leonard Jacobs wrote:
Well I wish it were this easy, or perhaps I am still missing something. I added AllowUsers username in the sshd_config file and changed the drive to read/write and here's the results: 

[EMAIL PROTECTED]:~# mount -o rw /dev/wd0a /
[EMAIL PROTECTED]:~# ssh -p 222 [EMAIL PROTECTED]
[EMAIL PROTECTED]'s password:
Permission denied, please try again.
[EMAIL PROTECTED]'s password:
Permission denied, please try again.
[EMAIL PROTECTED]'s password:
Permission denied (publickey,password,keyboard-interactive).


Sep  5 18:31:23 shakti-taos sshd[10335]: Failed none for invalid user 
lj from ::1 port 15320 ssh2
Sep  5 18:31:26 shakti-taos sshd[10335]: Failed password for invalid 
user lj from ::1 port 15320 ssh2

Sep  5 18:31:31 shakti-taos last message repeated 2 times


Of course I would love to disallow Root logins but will await the 
resolution of allowing regular users to connect via ssh first.


Any suggestions would be greatly appreciated.


Thordur I. Bjornsson wrote:

Leonard Jacobs <[EMAIL PROTECTED]> wrote on Mon  4.Sep'06 at 
22:22:30 -0400



I've configured a Soekris running OpenBSD 3.9 & pf as a firewall, 
with a   read only CF. I am using the default sshd_config file 
except to run sshd on port 222.

/dev mounted read only ?

If so, then thats your proplem. Load it as an mfs on boot. (image + vnd
? maybe or sth....)

My problem is that I cannot connect remotely to this box via ssh 
except as root. When a legit user who has an account on that box 
attempts connection, I get " Failed password for invalid user lj 
from 192.168.1.13 port 10962 ssh2". Is there anything obvious that 
you can suggest that might be causing this problem? I did try 
changing the file system to read/write, but it did not resolve the 
problem.


Thanks.



If you have console access, have you tried running sshd -D -d -d -d, 
then trying to connect in?  It will give diagnostics from the server 
that usually very obviously reveal what the problem is.



I've even done this (VERY) carefully remotely, once ssh'd in, kill off 
the main daemon, restart with debugging and then try to get whatever 
working that wasn't.  I usually schedule an "at" job to restart in 1 
hour in case I get kicked off...


Good Luck,
Steve Williams















    











					Reply via email to