After 4.6 to 4.9, SSH Lockout

2004-01-30 Thread chael 
Hello,

After upgrading from 4.6-STABLE to 4.9-STABLE (religiously following the Handbook), I 
could not login to a second or another ssh session. I still, however, have my current 
connection to where I performed the make world steps. This is a REMOTE machine and I 
do not want disconnect this current ssh session because of fear that I may not get a 
successful ssh connection again.

Any ideas? Hope anyone can give a straight help. 

I am attaching below my ssh -v result from a local machine I used to try ssh to the 
remote one:

-bash-2.05b$ ssh -v REMOTE_IP
OpenSSH_3.5p1 FreeBSD-20021029, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to REMOTE_IP [REMOTE_IP] port 22.
debug1: Connection established.
debug1: identity file /home/myusername/.ssh/identity type -1
debug1: identity file /home/myusername/.ssh/id_rsa type -1
debug1: identity file /home/myusername/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9 FreeBSD 
localisations 20011202
debug1: match: OpenSSH_2.9 FreeBSD localisations 20011202 pat 
OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1 FreeBSD-20021029
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server-client aes128-cbc hmac-md5 none
debug1: kex: client-server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 139/256
debug1: bits set: 1033/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'REMOTE_IP' is known and matches the DSA host key.
debug1: Found key in /home/myusername/.ssh/known_hosts:28
debug1: bits set: 1008/2049
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/myusername/.ssh/identity
debug1: try privkey: /home/myusername/.ssh/id_rsa
debug1: try privkey: /home/myusername/.ssh/id_dsa
debug1: next auth method to try is keyboard-interactive
otp-md5 279 ka1364 ext
S/Key Password: 
debug1: authentications that can continue: publickey,password,keyboard-interactive
otp-md5 63 ka4161 ext
S/Key Password: 
debug1: authentications that can continue: publickey,password,keyboard-interactive
otp-md5 343 ka9768 ext
S/Key Password: 
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is password
[EMAIL PROTECTED]'s password: 
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
[EMAIL PROTECTED]'s password: 
debug1: authentications that can continue: publickey,password,keyboard-interactive
Permission denied, please try again.
[EMAIL PROTECTED]'s password: 
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: no more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x804c704(0x0)
-bash-2.05b$


___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: After 4.6 to 4.9, SSH Lockout

2004-01-30 Thread Peter Risdon 
[EMAIL PROTECTED] wrote:

Hello,

After upgrading from 4.6-STABLE to 4.9-STABLE (religiously following the Handbook), I could not login to a second or another ssh session. I still, however, have my current connection to where I performed the make world steps. This is a REMOTE machine and I do not want disconnect this current ssh session because of fear that I may not get a successful ssh connection again.

Any ideas? Hope anyone can give a straight help. 
 

Just an idea, but I've been caught by this before... Are you trying to 
log in as root? If so, you'll probably need to edit /etc/ssh/sshd_config 
to permit root logins again (it'll have been overwritten).

PWR.

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]

Re: After 4.6 to 4.9, SSH Lockout

2004-01-30 Thread Ruben de Groot 
On Fri, Jan 30, 2004 at 09:49:00PM +0800, [EMAIL PROTECTED] typed:
 Hello,
 
 After upgrading from 4.6-STABLE to 4.9-STABLE (religiously following the Handbook), 
 I could not login to a second or another ssh session. I still, however, have my 
 current connection to where I performed the make world steps. This is a REMOTE 
 machine and I do not want disconnect this current ssh session because of fear that I 
 may not get a successful ssh connection again.

First: did you run mergemaster?

I remember somewhere after 4.6 I was experiencing the same problem.
It had to do with the PAMification of ssh and caused sshd to refuse any
new connections. I believe killing the sshd parent process and restarting
it solved it for me, without losing my existing connection.
Just for cases like this I usually keep another ssh daemon running 
(usually the non-commercial version of www.ssh.org) on a nonstandard port
or I enable a thouroughly wrapped and firewalled telnetd, just in case.

Ruben

___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]