Non-member submission from [Keith Baker <ssh at par.dhs.org>] (fwd)

Damien Miller djm at mindrot.org
Sun Apr 9 12:57:54 EST 2000


From: Keith Baker <ssh at par.dhs.org>
To: openssh-unix-dev at mindrot.org
Subject: Password Login Failing...

I am attmepting to install ssh/sshd on my RH6.1 Intel Box.  Everything
seems to be working (not quite smooth sailing - I had to resort to
precompiled RPM for OpenSSL).  I did however get it "working."  I
generated a host key as root and then changed back to joe-user.  I created
a key for joe-user.  I then ssh'd to my own host.  I got a prompt for a
password and was very excited...  except I typed in my password and got
rejected.  Any ideas?  I am using PAM and I believe my passwords are
shadowed...

I would like to better understand the "To disable tunneled clear text
password, change to no here" comment...  Is this "clear text" passwords
which are then encrypted int he tunnel?  and what is an SKey?

#syslog

Apr  8 22:03:27 fuzzball sshd[27946]: Failed password for joe-user from 192.168.1.3 port 753
Apr  8 22:03:29 fuzzball sshd[27946]: Connection closed by 192.168.1.3
Apr  8 22:03:29 fuzzball sshd[27946]: Cannot close PAM session: System error
Apr  8 22:03:29 fuzzball sshd[27946]: Cannot delete credentials: Authentication 

# This is ssh server systemwide configuration file.

Port 22
ListenAddress 0.0.0.0
#ListenAddress :: 
HostKey /usr/local/etc/ssh_host_key
ServerKeyBits 768  
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for
RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes

# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging

RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# 
RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
#SkeyAuthentication no

# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
 
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes   
  
CheckMail no
UseLogin no










More information about the openssh-unix-dev mailing list