sslug-teknik team mailing list archive

Thread
Date

SSH og PAM

To: <sslug-teknik@xxxxxxxx>
From: "Nicolaj Ottsen" <no@xxxxxxxxxx>
Date: Thu, 15 Jun 2000 14:28:58 +0200
Delivered-to: mailing list sslug-teknik@xxxxxxxx
Mailing-list: contact sslug-teknik-help@xxxxxxxx; run by ezmlm
Organization: Tjantik A/S

Hej allesammen

Jeg har lige installeret openSSH på en ny installeret Redhat 6.2. Det gik
helt fint, men jeg har lidt problemer med at forbinde til serveren.

Min klient, SECURE-CRT (Windows) siger at serveren ikke kan genkede min
publickey. Jeg har ellers kopieret den til /root/.ssh/authorized_keys2

syslog siger:

Jun 10 18:06:54 linux sshd[798]: Received disconnect: 11: Unable to
authenticate using any of the configured authentication methods
Jun 10 18:06:54 linux PAM_pwdb[798]: (sshd) session closed for user root

Min /etc/pam.d/sshd fil ser således ud:

#%PAM-1.0
auth       required     /lib/security/pam_pwdb.so shadow nodelay
auth       required     /lib/security/pam_nologin.so
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_limits.so

og sshd -d rapportere følgende:

[root@linux /root]# sshd -d
debug: sshd version OpenSSH_2.1.1
debug: Seeding random number generator
debug: read DSA private key done
debug: Seeding random number generator
debug: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
debug: Seeding random number generator
debug: Seeding random number generator
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 10.0.0.101 port 3257
debug: Client protocol version 2.0; client software version 3.0 SecureCRT
(tm), a product of Van Dyke Technologies, Inc.
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-1.99-OpenSSH_2.1.1
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc
debug: got kexinit: 3des-cbc
debug: got kexinit: hmac-md5
debug: got kexinit: hmac-md5
debug: got kexinit: none
debug: got kexinit: none
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: kex: client->server 3des-cbc hmac-md5 none
debug: kex: server->client 3des-cbc hmac-md5 none
debug: Wait SSH2_MSG_KEXDH_INIT.
debug: bits set: 514/1024
debug: bits set: 518/1024
debug: sig size 20 20
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: userauth-request for user root service ssh-connection method
publickey
debug: Starting up PAM with username "root"
debug: keytype ssh-dss
debug: test key...
Failed publickey for ROOT from 10.0.0.101 port 3257 ssh2
Received disconnect: 11: Unable to authenticate using any of the configured
authentication methods
debug: Calling cleanup 0x804f230(0x0)
debug: Calling cleanup 0x805f2b0(0x0)


Er det et PAM konfigurations problem eller et sshd problem ?

PS, jeg er helt ny til ssh og linux, så bær over med mig hvis det er et dumt
spørgsmål

På forhånd tak for hjælpen

Nicolaj Ottsen

Follow ups

Re: SSH og PAM
From: Peter Toft, 2000-06-20