Leonard Jacobs wrote:
Well I wish it were this easy, or perhaps I am still missing
something. I added AllowUsers username in the sshd_config file and
changed the drive to read/write and here's the results:
[EMAIL PROTECTED]:~# mount -o rw /dev/wd0a /
[EMAIL PROTECTED]:~# ssh -p 222 [EMAIL PROTECTED]
[EMAIL PROTECTED]'s password:
Permission denied, please try again.
[EMAIL PROTECTED]'s password:
Permission denied, please try again.
[EMAIL PROTECTED]'s password:
Permission denied (publickey,password,keyboard-interactive).
Sep 5 18:31:23 shakti-taos sshd[10335]: Failed none for invalid user
lj from ::1 port 15320 ssh2
Sep 5 18:31:26 shakti-taos sshd[10335]: Failed password for invalid
user lj from ::1 port 15320 ssh2
Sep 5 18:31:31 shakti-taos last message repeated 2 times
Of course I would love to disallow Root logins but will await the
resolution of allowing regular users to connect via ssh first.
Any suggestions would be greatly appreciated.
Thordur I. Bjornsson wrote:
Leonard Jacobs <[EMAIL PROTECTED]> wrote on Mon 4.Sep'06 at
22:22:30 -0400
I've configured a Soekris running OpenBSD 3.9 & pf as a firewall,
with a read only CF. I am using the default sshd_config file
except to run sshd on port 222.
/dev mounted read only ?
If so, then thats your proplem. Load it as an mfs on boot. (image + vnd
? maybe or sth....)
My problem is that I cannot connect remotely to this box via ssh
except as root. When a legit user who has an account on that box
attempts connection, I get " Failed password for invalid user lj
from 192.168.1.13 port 10962 ssh2". Is there anything obvious that
you can suggest that might be causing this problem? I did try
changing the file system to read/write, but it did not resolve the
problem.
Thanks.
If you have console access, have you tried running sshd -D -d -d -d,
then trying to connect in? It will give diagnostics from the server
that usually very obviously reveal what the problem is.
I've even done this (VERY) carefully remotely, once ssh'd in, kill off
the main daemon, restart with debugging and then try to get whatever
working that wasn't. I usually schedule an "at" job to restart in 1
hour in case I get kicked off...
Good Luck,
Steve Williams