Re: NEW: cannot ssh to my computer
On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. Regards, Panagiotis ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: NEW: cannot ssh to my computer
correct me if im wrong, but just because user is a part of WHELL group does that mean he/she is a root ? or equivlent of root ? I know lot of things like su - may require you to be wheel group but Im not sure why a user has to be non wheel group in order to log in. I think using SUDO is better than putting any user in to wheel too. but thats just me. James H -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob Sent: Monday, November 22, 2004 10:10 PM To: FreeBSD Subject: Re: NEW: cannot ssh to my computer Panagiotis Christias wrote: On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. For testing purpose, yes. The default is no. I think allowing root login in a not-secure environment is a bad idea. R. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
* Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. That setting shouldn't affect wheel logins. -- Yeah, life is hilariously cruel. - Bender Rasputin :: Jack of All Trades - Master of Nuns ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Monday 22 November 2004 06:39 am, Dick Davies wrote: * Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. That setting shouldn't affect wheel logins. Changing PermitRootLogin to yes didn't do it ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
James Hong wrote: correct me if im wrong, but just because user is a part of WHELL group does that mean he/she is a root ? or equivlent of root ? I know lot of things like su - may require you to be wheel group but Im not sure why a user has to be non wheel group in order to log in. I think using SUDO is better than putting any user in to wheel too. but thats just me. James H To my knowledge the wheel group has no special privileges and it's only purpose is to allow a normal user to become (su) root, thats it. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Mon, Nov 22, 2004 at 07:41:32AM -0500, Ivan Georgiev typed: On Monday 22 November 2004 06:39 am, Dick Davies wrote: * Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. That setting shouldn't affect wheel logins. Changing PermitRootLogin to yes didn't do it You don't by any chance have a line DenyGroups wheel in your /etc/ssh/sshd_config, do you? Ruben ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Monday 22 November 2004 08:25 am, Ruben de Groot wrote: On Mon, Nov 22, 2004 at 07:41:32AM -0500, Ivan Georgiev typed: On Monday 22 November 2004 06:39 am, Dick Davies wrote: * Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. That setting shouldn't affect wheel logins. Changing PermitRootLogin to yes didn't do it You don't by any chance have a line DenyGroups wheel in your /etc/ssh/sshd_config, do you? Ruben No, I do not have any Deny* entries in the /etc/sshd_config file. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Mon, 22 Nov 2004 08:35:58 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: On Monday 22 November 2004 08:25 am, Ruben de Groot wrote: On Mon, Nov 22, 2004 at 07:41:32AM -0500, Ivan Georgiev typed: On Monday 22 November 2004 06:39 am, Dick Davies wrote: * Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. That setting shouldn't affect wheel logins. Changing PermitRootLogin to yes didn't do it You don't by any chance have a line DenyGroups wheel in your /etc/ssh/sshd_config, do you? Ruben No, I do not have any Deny* entries in the /etc/sshd_config file. Can other wheel users log in? -Aaron ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
+++ Ivan Georgiev [freebsd] [22-11-04 07:41 -0500]: | On Monday 22 November 2004 06:39 am, Dick Davies wrote: | * Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: | On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: |Just another thing ... | |If I remove myself from the group wheel then I CAN ssh to my computer; |if I put myself back to wheel - then CANNOT ssh to the computer. | |How can I ssh and be a member of the wheel group? | | In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and | restarting sshd would help. | | That setting shouldn't affect wheel logins. | | Changing PermitRootLogin to yes didn't do it what's in /etc/hosts.allow? Regards, Shantanoo ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Monday 22 November 2004 08:42 am, cape canaveral wrote: On Mon, 22 Nov 2004 08:35:58 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: On Monday 22 November 2004 08:25 am, Ruben de Groot wrote: On Mon, Nov 22, 2004 at 07:41:32AM -0500, Ivan Georgiev typed: On Monday 22 November 2004 06:39 am, Dick Davies wrote: * Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and restarting sshd would help. That setting shouldn't affect wheel logins. Changing PermitRootLogin to yes didn't do it You don't by any chance have a line DenyGroups wheel in your /etc/ssh/sshd_config, do you? Ruben No, I do not have any Deny* entries in the /etc/sshd_config file. Can other wheel users log in? No, all of the users in the wheel group cannot ssh ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Monday 22 November 2004 02:59 pm, Shantanoo Mahajan wrote: +++ Ivan Georgiev [freebsd] [22-11-04 07:41 -0500]: | On Monday 22 November 2004 06:39 am, Dick Davies wrote: | * Panagiotis Christias [EMAIL PROTECTED] [1116 09:16]: | On Mon, 22 Nov 2004 00:05:33 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: |Just another thing ... | |If I remove myself from the group wheel then I CAN ssh to my |computer; if I put myself back to wheel - then CANNOT ssh to the |computer. | |How can I ssh and be a member of the wheel group? | | In that case, maybe PermitRootLogin yes in /etc/ssh/sshd_config and | restarting sshd would help. | | That setting shouldn't affect wheel logins. | | Changing PermitRootLogin to yes didn't do it what's in /etc/hosts.allow? Whatever is in the default 5-3-RELEASE installation. I haven't touched that : ALL : ALL : allow #sshd : .evil.cracker.example.com : deny ALL : PARANOID : RFC931 20 : deny ALL : localhost 127.0.0.1 [::1] : allow ALL : my.machine.example.com 192.0.2.35 : allow ALL : [fe80::%fxp0]/10 : allow ALL : [fe80::]/10 : deny ALL : [2001:db8:2:1:2:3:4:3fe1] : deny ALL : [2001:db8:2:1::]/64 : allow sendmail : localhost : allow sendmail : .nice.guy.example.com : allow sendmail : .evil.cracker.example.com : deny sendmail : ALL : allow exim : localhost : allow exim : .nice.guy.example.com : allow exim : .evil.cracker.example.com : deny exim : ALL : allow rpcbind : 192.0.2.32/255.255.255.224 : allow rpcbind : 192.0.2.96/255.255.255.224 : allow rpcbind : ALL : deny ypserv : localhost : allow ypserv : .unsafe.my.net.example.com : deny ypserv : .my.net.example.com : allow ypserv : ALL : deny ftpd : localhost : allow ftpd : .nice.guy.example.com : allow ftpd : .evil.cracker.example.com : deny ftpd : ALL : allow fingerd : ALL \ : spawn (echo Finger. | \ /usr/bin/mail -s tcpd\: [EMAIL PROTECTED] fingered me! root) \ : deny ALL : ALL \ : severity auth.info \ : twist /bin/echo You are not welcome to use %d from %h. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Mon, 22 Nov 2004 00:05:33 -0500 Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? hello ivan, it might be worth your while to check /etc/login.access to see if you have refused remote logins by wheel. hth, epi Ivan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? hello ivan, it might be worth your while to check /etc/login.access to see if you have refused remote logins by wheel. hth, epi Thank you so very much Epi !!! I guess I have put this -:wheel:ALL EXCEPT LOCAL in /etc/login.access but had no recollection of doing it. After commenting it out the problem is gone. Many thanks to all that helped solving my mysterious/trivial problem ! Regards, Ivan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Mon, 22 Nov 2004 22:37:19 -0500 Ivan Georgiev [EMAIL PROTECTED] wrote: Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? hello ivan, it might be worth your while to check /etc/login.access to see if you have refused remote logins by wheel. hth, epi Thank you so very much Epi !!! I guess I have put this -:wheel:ALL EXCEPT LOCAL in /etc/login.access but had no recollection of doing it. After commenting it out the problem is gone. hello again ivan, fwiw, your 'problem' may actually be better than your 'solution'. with all the script kiddies who are running ssh brute force attempts against the root user account (check your logs), it is wise to use 'su' or 'sudo' to elevate your priveleges on that box, rather than logging in as root. naturally, you can harden ssh somewhat and even restrict logins by ip addy in login.access, but if you're not doing that, i humbly suggest that you think twice about enabling root ssh to your box. cheers, epi Many thanks to all that helped solving my mysterious/trivial problem ! Regards, Ivan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
I guess I have put this -:wheel:ALL EXCEPT LOCAL in /etc/login.access but had no recollection of doing it. After commenting it out the problem is gone. hello again ivan, fwiw, your 'problem' may actually be better than your 'solution'. with all the script kiddies who are running ssh brute force attempts against the root user account (check your logs), it is wise to use 'su' or 'sudo' to elevate your priveleges on that box, rather than logging in as root. naturally, you can harden ssh somewhat and even restrict logins by ip addy in login.access, but if you're not doing that, i humbly suggest that you think twice about enabling root ssh to your box. I have AllowUsers in /etc/ssh/sshd_config and root in not one of them. So, even though the members of the wheel group are allowed to ssh remotely, the root account is not compromised. Is that right? I tried, just to check, to ssh as root but cannot, the log says User root not allowed because not listed in AllowUsers Let me know if I am wrong. Thanks again, Ivan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
Just another thing ... If I remove myself from the group wheel then I CAN ssh to my computer; if I put myself back to wheel - then CANNOT ssh to the computer. How can I ssh and be a member of the wheel group? Ivan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
NEW: cannot ssh to my computer
Hello, Please excuse my re-posting of the same problem but, simply, I have no clue how to fix my account. Below you can see the previous postings. What puzzles me is that if I create a new user this user can connect trough ssh with no problems. Only my account is rejected. Thank you for your help, Ivan Ivan Georgiev [EMAIL PROTECTED] writes: On Thursday 18 November 2004 07:08 pm, Lowell Gilbert wrote: Ivan Georgiev [EMAIL PROTECTED] writes: On Thursday 18 November 2004 06:00 pm, Sebastian Holmqvist wrote: On Thu, 18 Nov 2004 17:44:05 -0500, Ivan Georgiev [EMAIL PROTECTED] wrote: On Thursday 18 November 2004 08:42 am, Sebastian Holmqvist wrote: On Thu, 18 Nov 2004 13:26:05 +, Daniel Bye [EMAIL PROTECTED] wrote: On Thu, Nov 18, 2004 at 07:49:03AM -0500, Ivan Georgiev wrote: I changed PasswordAuthentication to 'yes' and this time it asks me 6 times for my password (3 times beginning with Password: You can disable these first three by changing ChallengeResponseAuthentication to no. and another 3 times with Password for [EMAIL PROTECTED]) and rejects me again with the same message from sshd. Sounds like a silly question, I know, but are you typing your password correctly? For example, is your local keymap sending the right characters to the server? Adding more verbosity didn't help me to understand the problem. I also noticed that my ida_dsa.pub key ends with ivan@ . Usualy I have seen it ending with [EMAIL PROTECTED]. Is this a problem? No, I don't think so. It is just a convenient identifier for human consumption - it's somewhat easier to use the last little bit of the key than to try and remember the whole keyblock! Have you copied ida_dsa.pub from the client machine to your ~/.ssh/authorized_keys file on the server? Dan -- Daniel Bye PGP Key: ftp://ftp.slightlystrange.org/pgpkey/dan.asc PGP Key fingerprint: 3B9D 8BBB EB03 BA83 5DB4 3B88 86FC F03A 90A1 BE8F _ ASCII ribbon campaign ( ) - against HTML, vCards and X - proprietary attachments in e-mail / \ Sure you have changed your keymap? And sorry if I misunderstood, are you trying to ssh to the computer you're sitting on? I do not think I have done any changes to the keymap. And, yes, I am trying to connect to the computer I am sitting on plus have tried to connect from my office computer. In both cases no luck. I will appreciate if you can help me to resolve the issue. Thanks, Ivan When you connect from the office-computer, what happends? As I said - rejects with Permission denied and a message the log: sshd[25413]: Failed password for ivan from MY_OFFICE_COMPUTER_ADDRESS port 44517 ssh2 Try ssh -v (and if that doesn't tell you enough, ssh -vv) and look at the debug output when it asks for and rejects the password. If that doesn't give you more of a clue, try doing the equivalent with sshd. I have tried that already but cannot understand where the problem is. Here is small part of the sshd log: debug1: userauth-request for user ivan service ssh-connection method password debug1: attempt 5 failures 4 debug2: input_userauth_request: try method password debug3: mm_auth_password entering debug3: mm_request_send entering: type 10 debug3: monitor_read: checking request 10 debug3: mm_answer_authpassword: sending result 1 debug3: mm_request_send entering: type 11 debug3: mm_request_receive_expect entering: type 46 debug3: mm_request_receive entering debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD debug3: mm_request_receive_expect entering: type 11 debug3: mm_request_receive entering debug3: mm_auth_password: user authenticated debug3: mm_do_pam_account entering debug3: mm_request_send entering: type 46 debug3: mm_request_send entering: type 47 Failed password for ivan from XXX.XXX.XXX.XXX port 55958 ssh2 debug3: mm_request_receive entering debug3: mm_request_receive_expect entering: type 47 debug3: mm_request_receive entering debug3: mm_do_pam_account returning 0 Failed password for ivan from XXX.XXX.XXX.XXX port 55958 ssh2 Connection closed by XXX.XXX.XXX.XXX debug1: do_cleanup debug1: PAM: cleanup debug3: PAM: sshpam_thread_cleanup entering debug1: do_cleanup debug1: PAM: cleanup debug3: PAM: sshpam_thread_cleanup entering and from ssh -vvv [EMAIL PROTECTED]'s password: debug3: packet_send2: adding 64 (len 59 padlen 5 extra_pad 64) debug2: we sent a password packet, wait for reply debug1: Authentications that can continue:
Re: NEW: cannot ssh to my computer
Ivan Georgiev wrote: Hello, Please excuse my re-posting of the same problem but, simply, I have no clue how to fix my account. Below you can see the previous postings. What puzzles me is that if I create a new user this user can connect trough ssh with no problems. Only my account is rejected. As far as I know, ssh stores the user's ssh files in ~/.ssh/. How about moving this .ssh out of the way by mv .ssh ssh_copy and try again? If that solves your problem, you should inspect the files in that ssh directory. Rob. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
On Saturday 20 November 2004 07:51 pm, Rob wrote: Ivan Georgiev wrote: Hello, Please excuse my re-posting of the same problem but, simply, I have no clue how to fix my account. Below you can see the previous postings. What puzzles me is that if I create a new user this user can connect trough ssh with no problems. Only my account is rejected. As far as I know, ssh stores the user's ssh files in ~/.ssh/. How about moving this .ssh out of the way by mv .ssh ssh_copy and try again? If that solves your problem, you should inspect the files in that ssh directory. Rob. I already did that, i.e. removed my ~/.ssh directory and tried again. Unfortunately this didn't solve the problem. Ivan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: NEW: cannot ssh to my computer - Found word(s) XXX in the Text body
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ivan Georgiev Sent: Saturday, November 20, 2004 4:21 PM To: [EMAIL PROTECTED] Subject: [KEYWORD GFI SPAM] - NEW: cannot ssh to my computer - Found word(s) XXX in the Text body Hello, Please excuse my re-posting of the same problem but, simply, I have no clue how to fix my account. Below you can see the previous postings. What puzzles me is that if I create a new user this user can connect trough ssh with no problems. Only my account is rejected. Thank you for your help, Ivan - Hello Ivan: Have you confirmed that all of your local files have the correct permissions *and* ownership? Are you the appropriate owner of your own directory? Mike ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: NEW: cannot ssh to my computer
Hello, Please excuse my re-posting of the same problem but, simply, I have no clue how to fix my account. Below you can see the previous postings. What puzzles me is that if I create a new user this user can connect trough ssh with no problems. Only my account is rejected. Thank you for your help, Ivan - Hello Ivan: Have you confirmed that all of your local files have the correct permissions *and* ownership? Are you the appropriate owner of your own directory? Mike Hi Mike, Yes, all of the files/directories in my home directory have the right ownership. I do not know what you mean by right permission since each type of file can have different permissions. If you meant the permissions in my ~/.ssh directory they are: bash-2.05b$ ll total 234 drwx-- 2 ivan ivan 512 Nov 19 22:05 . drwxr-xr-x 28 ivan ivan 198656 Nov 20 21:04 .. -rw-r--r-- 1 ivan ivan 595 Nov 19 22:05 authorized_keys -rw--- 1 ivan ivan 668 Nov 19 22:00 id_dsa -rw-r--r-- 1 ivan ivan 595 Nov 19 22:00 id_dsa.pub -rw-r--r-- 1 ivan ivan1817 Nov 20 14:20 known_hosts Another interesting thing that I missed before in var/log/messages is : sshd[45489]: error: PAM: success for ivan from while in /var/log/auth.log I see: sshd[45489]: Failed keyboard-interactive/pam for ivan from ... port 56269 ssh2 Thanks for your help, Ivan ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: NEW: cannot ssh to my computer
-Original Message- From: Ivan Georgiev [mailto:[EMAIL PROTECTED] Sent: Saturday, November 20, 2004 6:11 PM To: [EMAIL PROTECTED] Cc: Michael Smith Subject: Re: NEW: cannot ssh to my computer Hello, Please excuse my re-posting of the same problem but, simply, I have no clue how to fix my account. Below you can see the previous postings. What puzzles me is that if I create a new user this user can connect trough ssh with no problems. Only my account is rejected. Thank you for your help, Ivan - Hello Ivan: Have you confirmed that all of your local files have the correct permissions *and* ownership? Are you the appropriate owner of your own directory? Mike Hi Mike, Yes, all of the files/directories in my home directory have the right ownership. I do not know what you mean by right permission since each type of file can have different permissions. If you meant the permissions in my ~/.ssh directory they are: bash-2.05b$ ll total 234 drwx-- 2 ivan ivan 512 Nov 19 22:05 . drwxr-xr-x 28 ivan ivan 198656 Nov 20 21:04 .. -rw-r--r-- 1 ivan ivan 595 Nov 19 22:05 authorized_keys -rw--- 1 ivan ivan 668 Nov 19 22:00 id_dsa -rw-r--r-- 1 ivan ivan 595 Nov 19 22:00 id_dsa.pub -rw-r--r-- 1 ivan ivan1817 Nov 20 14:20 known_hosts Another interesting thing that I missed before in var/log/messages is : sshd[45489]: error: PAM: success for ivan from while in /var/log/auth.log I see: sshd[45489]: Failed keyboard-interactive/pam for ivan from ... port 56269 ssh2 Thanks for your help, Ivan - This may be a stretch but I know that SSH can be quite finicky about directory permissions. Try setting your .ssh directory to 0700. I think the go+x on the directory itself may be causing you problems. Mike ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]