| Author |
Message |
Pavel Sukortsev
*nix forums beginner
Joined: 19 Mar 2005
Posts: 10
|
 Posted: Tue Feb 08, 2005 8:14 am Post subject:
FreeBSD 5.3 & ssh
|
|
|
I have installed FreeBSD 5.3 and have started sshd. Then I have check that
ssh login to localhost working fine. But when I have tried to login to
FreeBSD machine from a windows workstation by using two ssh clients
SecureCRT and F-Secure SSH Client - no successes. There is only a message
about key that was stored locally and then a message that it can not login.
Where can be a problem? |
|
| Back to top |
|
 |
Dorian Büttner
*nix forums addict
Joined: 03 Mar 2005
Posts: 63
|
| Posted: Tue Feb 08, 2005 9:26 am Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
Pavel Sukortsev schrieb:
| Quote: | I have installed FreeBSD 5.3 and have started sshd. Then I have check that
ssh login to localhost working fine. But when I have tried to login to
FreeBSD machine from a windows workstation by using two ssh clients
SecureCRT and F-Secure SSH Client - no successes. There is only a message
about key that was stored locally and then a message that it can not login.
Where can be a problem?
Chances are you trying to login as root which is disabled? |
Can you login as a normal user? |
|
| Back to top |
|
|
J. van der Knaap
*nix forums beginner
Joined: 07 Feb 2005
Posts: 2
|
| Posted: Tue Feb 08, 2005 10:07 am Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
Pavel Sukortsev wrote:
| Quote: | I have installed FreeBSD 5.3 and have started sshd. Then I have check that
ssh login to localhost working fine. But when I have tried to login to
FreeBSD machine from a windows workstation by using two ssh clients
SecureCRT and F-Secure SSH Client - no successes. There is only a message
about key that was stored locally and then a message that it can not login.
Where can be a problem?
|
With SecureCRT, how did you configure the authentication?
You could try setting the Primary to 'Keyboard Interactive'.
Joost |
|
| Back to top |
|
|
Pavel Sukortsev
*nix forums beginner
Joined: 19 Mar 2005
Posts: 10
|
| Posted: Tue Feb 08, 2005 10:32 am Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
"Dorian Büttner" <dorian.buettner@gmx.de> wrote in message
news:cua42l$ls3$05$1@news.t-online.com...
| Quote: | Pavel Sukortsev schrieb:
I have installed FreeBSD 5.3 and have started sshd. Then I have check
that
ssh login to localhost working fine. But when I have tried to login to
FreeBSD machine from a windows workstation by using two ssh clients
SecureCRT and F-Secure SSH Client - no successes. There is only a
message
about key that was stored locally and then a message that it can not
login.
Where can be a problem?
Chances are you trying to login as root which is disabled?
Can you login as a normal user?
|
Yes I have set 'PermitRootLogin' to yes in sshd_config. Connecting ssh to
localhost permit user root to login.
I can not login as normal user as well user root from workstation.
In SecureCRT I have set 'Authendication', 'Primary' to 'password'. I have no
option 'Keyboard Interactive'. |
|
| Back to top |
|
|
Dorian Büttner
*nix forums addict
Joined: 03 Mar 2005
Posts: 63
|
| Posted: Tue Feb 08, 2005 11:01 am Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
Pavel Sukortsev schrieb:
| Quote: | Yes I have set 'PermitRootLogin' to yes in sshd_config. Connecting ssh to
localhost permit user root to login.
I can not login as normal user as well user root from workstation.
I'd suggest, as I don't know the clients you are working with, you could |
get the putty.exe from
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
for testing purposes, it's standalone and I know it to work out of the
box, with BSD.
| Quote: | In SecureCRT I have set 'Authendication', 'Primary' to 'password'. I have no
option 'Keyboard Interactive'.
|
If you didn't fiddle the pam.d configs, it should work then. One thing
to be
investigated is the dns reverse lookup, which if not properly setup
might cause ssh
to take a long time to enable login, I don't know how different client
software takes care of.
regards,
Dorian |
|
| Back to top |
|
|
Mookstah
*nix forums beginner
Joined: 20 Feb 2005
Posts: 8
|
| Posted: Tue Feb 08, 2005 11:21 am Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
"Pavel Sukortsev" <pavel.sukortsev@ericsson.com> wrote in message news:cua7vt$ndo$1@aken.eed.ericsson.se...
| Quote: |
"Dorian Büttner" <dorian.buettner@gmx.de> wrote in message
news:cua42l$ls3$05$1@news.t-online.com...
Pavel Sukortsev schrieb:
I have installed FreeBSD 5.3 and have started sshd. Then I have check
that
ssh login to localhost working fine. But when I have tried to login to
FreeBSD machine from a windows workstation by using two ssh clients
SecureCRT and F-Secure SSH Client - no successes. There is only a
message
about key that was stored locally and then a message that it can not
login.
Where can be a problem?
Chances are you trying to login as root which is disabled?
Can you login as a normal user?
Yes I have set 'PermitRootLogin' to yes in sshd_config. Connecting ssh to
localhost permit user root to login.
I can not login as normal user as well user root from workstation.
In SecureCRT I have set 'Authendication', 'Primary' to 'password'. I have no
option 'Keyboard Interactive'.
|
Try to add:
PasswordAuthentication yes
|
|
| Back to top |
|
|
Per Hedeland
*nix forums Guru Wannabe
Joined: 20 Feb 2005
Posts: 182
|
| Posted: Tue Feb 08, 2005 10:43 pm Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
In article <cua7vt$ndo$1@aken.eed.ericsson.se> "Pavel Sukortsev"
<pavel.sukortsev@ericsson.com> writes:
| Quote: |
In SecureCRT I have set 'Authendication', 'Primary' to 'password'. I have no
option 'Keyboard Interactive'.
|
Then you must, as suggested in another followup, turn on
PasswordAuthentication - it is off by default in the 5.3 sshd. You may
also want to note that in this version of OpenSSH (3.8.1p1),
PasswordAuthentication and UsePAM are mutually exclusive - if you turn
on PasswordAuthentication, PAM will be ignored, regardless of the UsePAM
setting. This is fixed in the current version, 3.9p1 - from the release
notes:
* Portable OpenSSH: Re-introduce support for PAM password authentication, in
addition to the keyboard-interactive driver. PAM password authentication
is less flexible, and doesn't support pre-authentication password expiry but
runs in-process so Kerberos tokens, etc are retained
I believe 3.9p1 is in FreeBSD-CURRENT.
--Per Hedeland
per@hedeland.org |
|
| Back to top |
|
|
Vlad D. Markov
*nix forums beginner
Joined: 14 Mar 2005
Posts: 24
|
| Posted: Wed Feb 09, 2005 1:06 am Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
On Tue, 8 Feb 2005 12:14:39 +0300
"Pavel Sukortsev" <pavel.sukortsev@ericsson.com> wrote:
| Quote: | I have installed FreeBSD 5.3 and have started sshd. Then I have check that
ssh login to localhost working fine. But when I have tried to login to
FreeBSD machine from a windows workstation by using two ssh clients
SecureCRT and F-Secure SSH Client - no successes. There is only a message
about key that was stored locally and then a message that it can not login.
Where can be a problem?
ok, I use F-Secure SSH Client on Windows98 to log into a FreeBSD 5.3 box. My setup is pretty much vanilla. A normal user using a password works "out of the box". |
My problem was with keys. F-Secure does them one way and Openssh another. If you look at the man page for the ssh-keygen that comes with Openssh, the "-i" and "-e" options are used to translate formats. I had to use this tool to make keys work between the two products.
How the public keys are stored between F-Secure and Openssh is very different. The gui in F-Secure for uploading keys assumes an F-Secure implementation on the other side so it doesn't really pass your public key correctly for Openssh. You will have to get your public key from the F-Secure box onto the Openssh box, import it into Openssh format, and append the translated public key to your authorized_keys file.
Its all kind of tedious. Good luck! |
|
| Back to top |
|
|
Pavel.Sukortsev
*nix forums beginner
Joined: 03 Apr 2005
Posts: 18
|
| Posted: Wed Feb 09, 2005 5:14 am Post subject:
Re: FreeBSD 5.3 & ssh
|
|
|
"Per Hedeland" <per@hedeland.org> wrote in message
news:cubfar$6f3$4@hedeland.org...
| Quote: | In article <cua7vt$ndo$1@aken.eed.ericsson.se> "Pavel Sukortsev"
pavel.sukortsev@ericsson.com> writes:
In SecureCRT I have set 'Authendication', 'Primary' to 'password'. I have
no
option 'Keyboard Interactive'.
Then you must, as suggested in another followup, turn on
PasswordAuthentication - it is off by default in the 5.3 sshd. You may
also want to note that in this version of OpenSSH (3.8.1p1),
PasswordAuthentication and UsePAM are mutually exclusive - if you turn
on PasswordAuthentication, PAM will be ignored, regardless of the UsePAM
setting. This is fixed in the current version, 3.9p1 - from the release
notes:
* Portable OpenSSH: Re-introduce support for PAM password authentication,
in
addition to the keyboard-interactive driver. PAM password authentication
is less flexible, and doesn't support pre-authentication password expiry
but
runs in-process so Kerberos tokens, etc are retained
I believe 3.9p1 is in FreeBSD-CURRENT.
--Per Hedeland
per@hedeland.org
|
Thanks to all! Right now it's working! |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
*nix
»
BSD
»
FreeBSD
