Greetings -
Yesterday I installed ssh-1.2.27 with little problem and this works.
Today I've been beating my head against a brick wall trying to install
ssh-2.0.13 on our Solaris 2.6 machine (I'll call this machine "fred" for
the purposes of this message)...
I have installed the daemon on fred, configured it (I believe correctly),
and got it running.
Then I eorked my way through each of the following scenarios by first
logging on to fred, and then trying ssh'ing to fred in various setups...
I can login under my ordinary username and then give the command:
ssh fred
This prompts me to enter my password for fred. When I do it connects me
and gives me a shell session. So far, so good.
Next I set up a public/private key pair for myself, along with
"identification" and "authorization" files. When I now:
ssh fred
I'm asked to enter my pass-phrase, after which I'm connected OK. Excellent.
Next I tried the ssh-agent and ssh-add to pre-load my keys. A
ssh fred
This let me in without needing to enter my pass-phrase or password. Even
better.
Now I want to turn on hostname authentication and here is where I'm getting
stuck.
I have modified the sshd's configuration file to have:
AllowedAuthentications publickey,password,hostbased
I also have set up my $HOME/.rhosts file to include:
fred.york.ac.uk
This file is read+write to myself and nothing to group or others.
If I now:
ssh fred
it asks me to enter my pass-phrase. If I (deliberately) mistype this (or
press Return) it falls back to asking me for my password on fred. If I
again deliberately mis-type this or just press Return it then hangs.
I've rummaged through the list's archives and stumbled across a reference
to changing the order of these tests by re-ordering the authentication
methods in the files:
apps/ssh/{sshauthmethodc,sshauthmethods}.c
This sort-of "improved" things in that it ssh'ing to fred now DOESN'T ask
me for a pass-phrase and password before hanging ... instead it just hangs
straight away! :-}
It looks as if there is something funny in the area of hostname
authentication (at least in how I've got ssh built and configured on our
system!).
I've tried re-compiling with "--with-debug" and running both server and
client with "-d 99" options. Unfortunately this (copious) output doesn't
seem to give me any clues as to the problem.
Can anyone suggest what may be wrong, please?
Many thanks,
Mike Brudenell
--
The Computing Service, University of York, Heslington, York Yo10 5DD, UK
Tel:+44-1904-433811 FAX:+44-1904-433740
Web: http://www-users.york.ac.uk/~pmb1/
* Unsolicited commercial e-mail is NOT welcome at this e-mail address. *
