[Bug 3507] Cannot get host-based authentication to work

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Dec 7 22:18:02 AEDT 2022


https://bugzilla.mindrot.org/show_bug.cgi?id=3507

--- Comment #7 from Thomas Koeller <thomas at koeller.dyndns.org> ---
(In reply to Darren Tucker from comment #2)
> The reason is likely in the server side log.  Please run the server
> in debug mode (eg "/path/to/sshd -ddde -p222", connect to it on port
> 222 and attach the log.

Sory, missed the '-ddd' part.

debug2: load_server_config: filename /etc/ssh/sshd_config
debug2: load_server_config: done config len = 3744
debug2: parse_server_config_depth: config /etc/ssh/sshd_config len 3744
debug2: /etc/ssh/sshd_config line 15: new include
/etc/ssh/sshd_config.d/*.conf
debug2: /etc/ssh/sshd_config line 15: including
/etc/ssh/sshd_config.d/40-sshvpn.conf
debug2: load_server_config: filename
/etc/ssh/sshd_config.d/40-sshvpn.conf
debug2: load_server_config: done config len = 272
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/40-sshvpn.conf len 272
debug3: checking syntax for 'Match Host=sshvpn.koeller.dyndns.org'
debug2: /etc/ssh/sshd_config line 15: including
/etc/ssh/sshd_config.d/40-standard-user.conf
debug2: load_server_config: filename
/etc/ssh/sshd_config.d/40-standard-user.conf
debug2: load_server_config: done config len = 537
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/40-standard-user.conf len 537
debug3: checking syntax for 'Match User=thomas'
debug2: /etc/ssh/sshd_config line 15: including
/etc/ssh/sshd_config.d/50-redhat.conf
debug2: load_server_config: filename
/etc/ssh/sshd_config.d/50-redhat.conf
debug2: load_server_config: done config len = 720
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/50-redhat.conf len 720
debug2: /etc/ssh/sshd_config.d/50-redhat.conf line 6: new include
/etc/crypto-policies/back-ends/opensshserver.config
debug2: /etc/ssh/sshd_config.d/50-redhat.conf line 6: including
/etc/crypto-policies/back-ends/opensshserver.config
debug2: load_server_config: filename
/etc/crypto-policies/back-ends/opensshserver.config
debug2: load_server_config: done config len = 1800
debug2: parse_server_config_depth: config
/etc/crypto-policies/back-ends/opensshserver.config len 1800
debug3: /etc/crypto-policies/back-ends/opensshserver.config:1 setting
Ciphers
aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes256-ctr,aes128-gcm at openssh.com,aes128-ctr
debug3: /etc/crypto-policies/back-ends/opensshserver.config:2 setting
MACs
hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at openssh.com,hmac-sha2-512
debug3: /etc/crypto-policies/back-ends/opensshserver.config:3 setting
GSSAPIKexAlgorithms
gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-
debug3: gss kex names ok:
[gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-]
debug3: /etc/crypto-policies/back-ends/opensshserver.config:4 setting
KexAlgorithms
curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
debug3: kex names ok:
[curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512]
debug3: /etc/crypto-policies/back-ends/opensshserver.config:5 setting
HostKeyAlgorithms
ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01 at openssh.com,sk-ecdsa-sha2-nistp256 at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com,sk-ssh-ed25519 at openssh.com,sk-ssh-ed25519-cert-v01 at openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01 at openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01 at openssh.com
debug3: /etc/crypto-policies/back-ends/opensshserver.config:6 setting
PubkeyAcceptedAlgorithms
ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01 at openssh.com,sk-ecdsa-sha2-nistp256 at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com,sk-ssh-ed25519 at openssh.com,sk-ssh-ed25519-cert-v01 at openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01 at openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01 at openssh.com
debug3: /etc/crypto-policies/back-ends/opensshserver.config:7 setting
CASignatureAlgorithms
ecdsa-sha2-nistp256,sk-ecdsa-sha2-nistp256 at openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,sk-ssh-ed25519 at openssh.com,rsa-sha2-256,rsa-sha2-512
debug3: /etc/crypto-policies/back-ends/opensshserver.config:8 setting
RSAMinSize 2048
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:8 setting SyslogFacility
AUTHPRIV
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:10 setting
ChallengeResponseAuthentication no
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:12 setting
GSSAPIAuthentication yes
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:13 setting
GSSAPICleanupCredentials no
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:15 setting UsePAM yes
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:17 setting X11Forwarding
yes
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:21 setting PrintMotd no
debug3: /etc/ssh/sshd_config:25 setting ListenAddress 192.168.0.1:22
debug3: /etc/ssh/sshd_config:26 setting ListenAddress
[fd46:1ffa:d8e0::1]:22
debug3: /etc/ssh/sshd_config:28 setting HostKey
/etc/ssh/ssh_host_ed25519_key
debug3: /etc/ssh/sshd_config:30 setting HostKeyAlgorithms
ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com
debug3: /etc/ssh/sshd_config:37 setting LogLevel DEBUG
debug3: /etc/ssh/sshd_config:52 setting AuthorizedKeysFile
.ssh/authorized_keys
debug3: /etc/ssh/sshd_config:60 setting HostbasedAuthentication yes
debug3: /etc/ssh/sshd_config:63 setting IgnoreUserKnownHosts yes
debug3: /etc/ssh/sshd_config:65 setting IgnoreRhosts yes
debug3: /etc/ssh/sshd_config:68 setting PasswordAuthentication no
debug3: /etc/ssh/sshd_config:72 setting KbdInteractiveAuthentication no
debug3: /etc/ssh/sshd_config:99 setting UsePAM yes
debug3: /etc/ssh/sshd_config:108 setting PrintMotd no
debug3: /etc/ssh/sshd_config:118 setting PermitTunnel yes
debug3: /etc/ssh/sshd_config:126 setting Subsystem sftp
/usr/libexec/openssh/sftp-server
debug1: sshd version OpenSSH_8.8, OpenSSL 3.0.5 5 Jul 2022
debug1: private host key #0: ssh-ed25519
SHA256:csWU9fi5IWZ7AOmRGcYQJgHi5jk2jEG6x3Nl+EkadHk
debug1: rexec_argv[0]='/usr/sbin/sshd'
debug1: rexec_argv[1]='-ddd'
debug3: oom_adjust_setup
debug1: Set /proc/self/oom_score_adj from 200 to -1000
debug2: fd 3 setting O_NONBLOCK
debug3: sock_set_v6only: set socket 3 IPV6_V6ONLY
debug1: Bind to port 22 on fd46:1ffa:d8e0::1.
Server listening on fd46:1ffa:d8e0::1 port 22.
debug2: fd 4 setting O_NONBLOCK
debug1: Bind to port 22 on 192.168.0.1.
Server listening on 192.168.0.1 port 22.
debug3: fd 5 is not O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug3: send_rexec_state: entering fd = 8 config len 3744
debug3: ssh_msg_send: type 0
debug3: send_rexec_state: done
debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8
debug3: recv_rexec_state: entering fd = 5
debug3: ssh_msg_recv entering
debug3: recv_rexec_state: done
debug2: parse_server_config_depth: config rexec len 3744
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/40-sshvpn.conf len 272
debug3: checking syntax for 'Match Host=sshvpn.koeller.dyndns.org'
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/40-standard-user.conf len 537
debug3: checking syntax for 'Match User=thomas'
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/50-redhat.conf len 720
debug2: parse_server_config_depth: config
/etc/crypto-policies/back-ends/opensshserver.config len 1800
debug3: /etc/crypto-policies/back-ends/opensshserver.config:1 setting
Ciphers
aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes256-ctr,aes128-gcm at openssh.com,aes128-ctr
debug3: /etc/crypto-policies/back-ends/opensshserver.config:2 setting
MACs
hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at openssh.com,hmac-sha2-512
debug3: /etc/crypto-policies/back-ends/opensshserver.config:3 setting
GSSAPIKexAlgorithms
gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-
debug3: gss kex names ok:
[gss-curve25519-sha256-,gss-nistp256-sha256-,gss-group14-sha256-,gss-group16-sha512-]
debug3: /etc/crypto-policies/back-ends/opensshserver.config:4 setting
KexAlgorithms
curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
debug3: kex names ok:
[curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512]
debug3: /etc/crypto-policies/back-ends/opensshserver.config:5 setting
HostKeyAlgorithms
ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01 at openssh.com,sk-ecdsa-sha2-nistp256 at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com,sk-ssh-ed25519 at openssh.com,sk-ssh-ed25519-cert-v01 at openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01 at openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01 at openssh.com
debug3: /etc/crypto-policies/back-ends/opensshserver.config:6 setting
PubkeyAcceptedAlgorithms
ecdsa-sha2-nistp256,ecdsa-sha2-nistp256-cert-v01 at openssh.com,sk-ecdsa-sha2-nistp256 at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521,ecdsa-sha2-nistp521-cert-v01 at openssh.com,ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com,sk-ssh-ed25519 at openssh.com,sk-ssh-ed25519-cert-v01 at openssh.com,rsa-sha2-256,rsa-sha2-256-cert-v01 at openssh.com,rsa-sha2-512,rsa-sha2-512-cert-v01 at openssh.com
debug3: /etc/crypto-policies/back-ends/opensshserver.config:7 setting
CASignatureAlgorithms
ecdsa-sha2-nistp256,sk-ecdsa-sha2-nistp256 at openssh.com,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519,sk-ssh-ed25519 at openssh.com,rsa-sha2-256,rsa-sha2-512
debug3: /etc/crypto-policies/back-ends/opensshserver.config:8 setting
RSAMinSize 2048
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:8 setting SyslogFacility
AUTHPRIV
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:10 setting
ChallengeResponseAuthentication no
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:12 setting
GSSAPIAuthentication yes
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:13 setting
GSSAPICleanupCredentials no
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:15 setting UsePAM yes
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:17 setting X11Forwarding
yes
debug3: /etc/ssh/sshd_config.d/50-redhat.conf:21 setting PrintMotd no
debug3: rexec:25 setting ListenAddress 192.168.0.1:22
debug3: rexec:26 setting ListenAddress [fd46:1ffa:d8e0::1]:22
debug3: rexec:28 setting HostKey /etc/ssh/ssh_host_ed25519_key
debug3: rexec:30 setting HostKeyAlgorithms
ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com
debug3: rexec:37 setting LogLevel DEBUG
debug3: rexec:52 setting AuthorizedKeysFile .ssh/authorized_keys
debug3: rexec:60 setting HostbasedAuthentication yes
debug3: rexec:63 setting IgnoreUserKnownHosts yes
debug3: rexec:65 setting IgnoreRhosts yes
debug3: rexec:68 setting PasswordAuthentication no
debug3: rexec:72 setting KbdInteractiveAuthentication no
debug3: rexec:99 setting UsePAM yes
debug3: rexec:108 setting PrintMotd no
debug3: rexec:118 setting PermitTunnel yes
debug3: rexec:126 setting Subsystem sftp       
/usr/libexec/openssh/sftp-server
debug1: sshd version OpenSSH_8.8, OpenSSL 3.0.5 5 Jul 2022
debug1: private host key #0: ssh-ed25519
SHA256:csWU9fi5IWZ7AOmRGcYQJgHi5jk2jEG6x3Nl+EkadHk
debug1: inetd sockets after dupping: 3, 3
Connection from fd46:1ffa:d8e0::1 port 37486 on fd46:1ffa:d8e0::1 port
22 rdomain ""
debug1: Local version string SSH-2.0-OpenSSH_8.8
debug1: Remote protocol version 2.0, remote software version
OpenSSH_8.8
debug1: compat_banner: match: OpenSSH_8.8 pat OpenSSH* compat
0x04000000
debug2: fd 3 setting O_NONBLOCK
debug3: ssh_sandbox_init: preparing seccomp filter sandbox
debug2: Network child is on pid 63940
debug3: preauth child monitor started
debug1: SELinux support enabled [preauth]
debug1: ssh_selinux_change_context: setting context from
'unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023' to
'unconfined_u:unconfined_r:sshd_net_t:s0-s0:c0.c1023' [preauth]
debug3: ssh_selinux_change_context: setcon
unconfined_u:unconfined_r:sshd_net_t:s0-s0:c0.c1023 from
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 failed with
Invalid argument [preauth]
debug3: privsep user:group 74:74 [preauth]
debug1: permanently_set_uid: 74/74 [preauth]
debug3: ssh_sandbox_child: setting PR_SET_NO_NEW_PRIVS [preauth]
debug3: ssh_sandbox_child: attaching seccomp filter program [preauth]
debug1: list_hostkey_types: ssh-ed25519 [preauth]
debug3: send packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug3: receive packet: type 20 [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug2: local server KEXINIT proposal [preauth]
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512
[preauth]
debug2: host key algorithms: ssh-ed25519 [preauth]
debug2: ciphers ctos:
aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes256-ctr,aes128-gcm at openssh.com,aes128-ctr
[preauth]
debug2: ciphers stoc:
aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes256-ctr,aes128-gcm at openssh.com,aes128-ctr
[preauth]
debug2: MACs ctos:
hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at openssh.com,hmac-sha2-512
[preauth]
debug2: MACs stoc:
hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at openssh.com,hmac-sha2-512
[preauth]
debug2: compression ctos: none,zlib at openssh.com [preauth]
debug2: compression stoc: none,zlib at openssh.com [preauth]
debug2: languages ctos:  [preauth]
debug2: languages stoc:  [preauth]
debug2: first_kex_follows 0  [preauth]
debug2: reserved 0  [preauth]
debug2: peer client KEXINIT proposal [preauth]
debug2: KEX algorithms:
curve25519-sha256,curve25519-sha256 at libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,ext-info-c
[preauth]
debug2: host key algorithms:
ssh-ed25519-cert-v01 at openssh.com,ecdsa-sha2-nistp256-cert-v01 at openssh.com,ecdsa-sha2-nistp384-cert-v01 at openssh.com,ecdsa-sha2-nistp521-cert-v01 at openssh.com,sk-ssh-ed25519-cert-v01 at openssh.com,sk-ecdsa-sha2-nistp256-cert-v01 at openssh.com,rsa-sha2-512-cert-v01 at openssh.com,rsa-sha2-256-cert-v01 at openssh.com,ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519 at openssh.com,sk-ecdsa-sha2-nistp256 at openssh.com,rsa-sha2-512,rsa-sha2-256
[preauth]
debug2: ciphers ctos:
aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes256-ctr,aes128-gcm at openssh.com,aes128-ctr
[preauth]
debug2: ciphers stoc:
aes256-gcm at openssh.com,chacha20-poly1305 at openssh.com,aes256-ctr,aes128-gcm at openssh.com,aes128-ctr
[preauth]
debug2: MACs ctos:
hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at openssh.com,hmac-sha2-512
[preauth]
debug2: MACs stoc:
hmac-sha2-256-etm at openssh.com,hmac-sha1-etm at openssh.com,umac-128-etm at openssh.com,hmac-sha2-512-etm at openssh.com,hmac-sha2-256,hmac-sha1,umac-128 at openssh.com,hmac-sha2-512
[preauth]
debug2: compression ctos: none,zlib at openssh.com,zlib [preauth]
debug2: compression stoc: none,zlib at openssh.com,zlib [preauth]
debug2: languages ctos:  [preauth]
debug2: languages stoc:  [preauth]
debug2: first_kex_follows 0  [preauth]
debug2: reserved 0  [preauth]
debug1: kex: algorithm: curve25519-sha256 [preauth]
debug1: kex: host key algorithm: ssh-ed25519 [preauth]
debug1: kex: client->server cipher: aes256-gcm at openssh.com MAC:
<implicit> compression: none [preauth]
debug1: kex: server->client cipher: aes256-gcm at openssh.com MAC:
<implicit> compression: none [preauth]
debug1: kex: curve25519-sha256 need=32 dh_need=32 [preauth]
debug3: mm_request_send: entering, type 120 [preauth]
debug3: mm_request_receive_expect: entering, type 121 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 120
debug3: mm_request_send: entering, type 121
debug1: kex: curve25519-sha256 need=32 dh_need=32 [preauth]
debug3: mm_request_send: entering, type 120 [preauth]
debug3: mm_request_receive_expect: entering, type 121 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 120
debug3: mm_request_send: entering, type 121
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug3: receive packet: type 30 [preauth]
debug1: SSH2_MSG_KEX_ECDH_INIT received [preauth]
debug3: mm_sshkey_sign: entering [preauth]
debug3: mm_request_send: entering, type 6 [preauth]
debug3: mm_sshkey_sign: waiting for MONITOR_ANS_SIGN [preauth]
debug3: mm_request_receive_expect: entering, type 7 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 6
debug3: mm_answer_sign: entering
debug3: mm_answer_sign: ssh-ed25519 KEX signature len=83
debug3: mm_request_send: entering, type 7
debug2: monitor_read: 6 used once, disabling now
debug3: send packet: type 31 [preauth]
debug3: send packet: type 21 [preauth]
debug2: set_newkeys: mode 1 [preauth]
debug1: rekey out after 4294967296 blocks [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: Sending SSH2_MSG_EXT_INFO [preauth]
debug3: send packet: type 7 [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug3: receive packet: type 21 [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug2: set_newkeys: mode 0 [preauth]
debug1: rekey in after 4294967296 blocks [preauth]
debug1: KEX done [preauth]
debug3: receive packet: type 5 [preauth]
debug3: send packet: type 6 [preauth]
debug3: receive packet: type 50 [preauth]
debug1: userauth-request for user thomas service ssh-connection method
none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug3: mm_getpwnamallow: entering [preauth]
debug3: mm_request_send: entering, type 8 [preauth]
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM [preauth]
debug3: mm_request_receive_expect: entering, type 9 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 8
debug3: mm_answer_pwnamallow: entering
debug2: parse_server_config_depth: config reprocess config len 3744
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/40-sshvpn.conf len 272
debug3: checking match for 'Host=sshvpn.koeller.dyndns.org' user thomas
host fd46:1ffa:d8e0::1 addr fd46:1ffa:d8e0::1 laddr fd46:1ffa:d8e0::1
lport 22
debug3: match not found
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/40-standard-user.conf len 537
debug3: checking match for 'User=thomas' user thomas host
fd46:1ffa:d8e0::1 addr fd46:1ffa:d8e0::1 laddr fd46:1ffa:d8e0::1 lport
22
debug1: user thomas matched 'User thomas' at line 1
debug3: match found
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:4 setting
AuthenticationMethods hostbased
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:6 setting
AllowUsers thomas
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:7 setting
DenyUsers none
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:8 setting
ForceCommand none
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:9 setting
GSSAPIAuthentication no
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:10 setting
HostbasedAcceptedAlgorithms
ssh-ed25519-cert-v01 at openssh.com,ssh-ed25519
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:11 setting
HostbasedAuthentication yes
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:12 setting
HostbasedUsesNameFromPacketOnly yes
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:13 setting
IgnoreRhosts yes
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:14 setting
KerberosAuthentication no
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:15 setting
PasswordAuthentication no
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:16 setting
PermitRootLogin no
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:17 setting
PermitTTY yes
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:18 setting
PermitTunnel no
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:19 setting
PermitUserRC yes
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:20 setting
PubkeyAuthentication no
debug3: /etc/ssh/sshd_config.d/40-standard-user.conf:21 setting
PubkeyAcceptedAlgorithms ssh-ed25519,ssh-ed25519-cert-v01 at openssh.com
debug2: parse_server_config_depth: config
/etc/ssh/sshd_config.d/50-redhat.conf len 720
debug2: parse_server_config_depth: config
/etc/crypto-policies/back-ends/opensshserver.config len 1800
debug3: auth2_setup_methods_lists: checking methods
debug1: authentication methods list 0: hostbased
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send: entering, type 9
debug2: monitor_read: 8 used once, disabling now
debug2: input_userauth_request: setting up authctxt for thomas
[preauth]
debug3: mm_start_pam entering [preauth]
debug3: mm_request_send: entering, type 100 [preauth]
debug3: mm_inform_authserv: entering [preauth]
debug3: mm_request_send: entering, type 4 [preauth]
debug3: mm_inform_authrole: entering [preauth]
debug3: mm_request_send: entering, type 80 [preauth]
debug3: auth2_setup_methods_lists: checking methods [preauth]
debug1: authentication methods list 0: hostbased [preauth]
debug2: Unrecognized authentication method name: none [preauth]
debug3: user_specific_delay: user specific delay 0.000ms [preauth]
debug3: ensure_minimum_time_since: elapsed 0.747ms, delaying 6.577ms
(requested 7.323ms) [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 100
debug1: PAM: initializing for "thomas"
debug1: PAM: setting PAM_RHOST to "fd46:1ffa:d8e0::1"
debug1: PAM: setting PAM_TTY to "ssh"
debug2: monitor_read: 100 used once, disabling now
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 4
debug3: mm_answer_authserv: service=ssh-connection, style=
debug2: monitor_read: 4 used once, disabling now
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 80
debug3: mm_answer_authrole: role=
debug2: monitor_read: 80 used once, disabling now
debug3: userauth_finish: failure partial=0 next methods="hostbased"
[preauth]
debug3: send packet: type 51 [preauth]
debug3: mm_request_send: entering, type 122 [preauth]
debug3: mm_request_receive_expect: entering, type 123 [preauth]
debug3: mm_request_receive: entering [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 122
debug3: mm_request_send: entering, type 123
Connection closed by authenticating user thomas fd46:1ffa:d8e0::1 port
37486 [preauth]
debug1: do_cleanup [preauth]
debug3: PAM: sshpam_thread_cleanup entering [preauth]
debug3: mm_request_send: entering, type 124 [preauth]
debug3: mm_request_receive: entering
debug3: monitor_read: checking request 124
debug1: monitor_read_log: child log fd closed
debug3: mm_request_receive: entering
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering
debug1: Killing privsep child 63940
[

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list