Zitat von [EMAIL PROTECTED]: > "Horatio B. Bogbindero" <[EMAIL PROTECTED]> writes: > > > i have been an avid user of SSH key-based authentication for quite sometime. >however, > > i would like a way to do host-based authentication on SSHv2 not SSHv1. the >documentation > > Would forcing protocol 2, then using shosts.equiv do the job? > Server needs client's host key in /etc/ssh/ssh_known_hosts > According to the manpage, SSH protocol 2 tries hostbased first. > Must set HostbasedAuthentication. > yup. i did that. strange thing is that it does not seem to work. i even followed the documentaion that came from the links below. btw, which is very informative.
> Googling for [host based authentication ssh 2] gives details at: > > www.snailbook.com/discussion.html > Difference between host-based auth in ssh v1 and v2. > i will try to work from this. but, off hand it does not work. even with debugging level 3 on both the client and the server. here is a snippet. Jul 17 17:48:01 netflow sshd[2104]: debug2: input_userauth_request: try method hostbased Jul 17 17:48:01 netflow sshd[2104]: debug1: userauth_hostbased: cuser wyy chost hip2b2.domain.com.ph. pkalg ssh-rsa slen 143 Jul 17 17:48:01 netflow sshd[2104]: debug2: userauth_hostbased: chost hip2b2.domain.com.ph. resolvedname hip2b2.domain.com.ph ipaddr 192.168.0.1 Jul 17 17:48:01 netflow sshd[2104]: debug2: auth_rhosts2: clientuser wyy hostname hip2b2.domain.com.ph. ipaddr hip2b2.domain.com.ph. Jul 17 17:48:01 netflow sshd[2104]: debug1: temporarily_use_uid: 500/500 (e=0) Jul 17 17:48:01 netflow sshd[2104]: debug1: restore_uid Jul 17 17:48:01 netflow sshd[2104]: debug2: userauth_hostbased: authenticated 0 Jul 17 17:48:01 netflow sshd[2104]: Failed hostbased for wyy from 192.168.0.1 port 3684 ssh2 Jul 17 17:48:02 netflow sshd[2104]: Connection closed by 192.168.0.1 as can be seen above with the highest debugging level, the results are not very informative. thanks anyway. ------------------------------------------- William Emmanuel S. Yu Ateneo Campus Network Group (AteneoCNG) email : wyu at ateneo dot edu web : http://CNG.ateneo.net/wyu/ phone : +63(2)4266001-4186 GPG : http://CNG.ateneo.net/wyu/wyy.pgp _ Philippine Linux Users Group. Web site and archives at http://plug.linux.org.ph To leave: send "unsubscribe" in the body to [EMAIL PROTECTED] To subscribe to the Linux Newbies' List: send "subscribe" in the body to [EMAIL PROTECTED]
