Can't get in without a password

Wed Aug 9 07:39:21 EST 2000

On Tue, 08 Aug 2000, Rachit Siamwalla wrote:
>I have wrestled with similar problems, and the easiest way to figure it
>out is to run the sshd server in debug mode (-d i think) and try it out.

I get this:

debug: sshd version OpenSSH_2.1.1
debug: Seeding random number generator
debug: read DSA private key done
debug: Seeding random number generator
debug: Bind to port 2222 on 0.0.0.0.
Server listening on 0.0.0.0 port 2222.
Generating 768 bit RSA key.
debug: Seeding random number generator
debug: Seeding random number generator
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 207.15.133.8 port 61028
debug: Client protocol version 1.5; client software version OpenSSH_2.1.1
debug: Local version string SSH-1.99-OpenSSH_2.1.1
debug: Sent 768 bit public key and 1024 bit host key.
debug: Encryption type: 3des
debug: Received session key; encryption turned on.
debug: Installing crc compensation attack detector.
debug: Starting up PAM with username "phma"
debug: Attempting authentication for phma.
Failed rsa for phma from 207.15.133.8 port 61028
debug: PAM Password authentication accepted for user "phma"
Accepted password for phma from 207.15.133.8 port 61028
debug: PAM setting rhost to "i008-1.clt-nc.oltronics.net"
debug: session_new: init
debug: session_new: session 0
debug: Allocating pty.
debug: Received request for X11 forwarding with auth spoofing.
debug: Socket family 10 not supported [X11 disp create]
debug: fd 8 setting O_NONBLOCK
debug: channel 0: new [X11 inet listener]
debug: PAM setting tty to "/dev/pts/0"
debug: PAM establishing creds
debug: Entering interactive session.
debug: Setting controlling tty using TIOCSCTTY.
debug: no set_nonblock for tty fd 3
debug: no set_nonblock for tty fd 7
debug: server_init_dispatch_13
debug: server_init_dispatch_15
debug: tvp!=NULL kid 0 mili 10

I also tried with the -2 flag and got this, with the rest being the same:

debug: Client protocol version 2.0; client software version OpenSSH_2.1.1
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-1.99-OpenSSH_2.1.1
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160 at openssh.com
debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160 at openssh.com
debug: got kexinit: none
debug: got kexinit: none
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: kex: client->server 3des-cbc hmac-sha1 none
debug: kex: server->client 3des-cbc hmac-sha1 none
debug: Wait SSH2_MSG_KEXDH_INIT.
debug: bits set: 531/1024
debug: bits set: 502/1024
debug: sig size 20 20
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: userauth-request for user phma service ssh-connection method none
debug: Starting up PAM with username "phma"
Failed none for phma from 207.15.133.8 port 61030 ssh2
debug: userauth-request for user phma service ssh-connection method publickey
debug: keytype ssh-dss
Failed publickey for phma from 207.15.133.8 port 61030 ssh2
debug: userauth-request for user phma service ssh-connection method password
debug: PAM Password authentication accepted for user "phma"

I have checked that both keys on the remote host match the ones in my
identity.pub and id_dsa.pub. I also notice that every time I try to ssh in, a
line appears in /var/log/messages: "can't locate module net-pf-10". I have no
idea what a kernel module could have to do with public key ssh authentication.

phma