OpenSSH 3.4p1 hostbased auth - howto?
Kevin DeGraaf
kevin at kevindegraaf.net
Sat Jul 20 04:59:01 EST 2002
How do you enable hostbased authentication in OpenSSH?
I have two Red Hat 7.3 machines running openssh-3.4p1, and I would like to
be able to ssh from either of the machines to the other, as any user,
without using passwords or per-user keys.
My /etc/ssh/sshd_config contains:
[...]
IgnoreRhosts no
HostbasedAuthentication yes
[...]
My /etc/ssh/ssh_config contains:
[...]
HostbasedAuthentication yes
[...]
I created the known hosts file like so:
box1# cd /etc/ssh
box1# cp ssh_host_dsa_key.pub ssh_known_hosts2
I replicated the config directory:
box2# rm -rf /etc/ssh
box2# mkdir /etc/ssh
box2# chown 0755 /etc/ssh
box2# rcp box1:/etc/ssh/* /etc/ssh
I restarted the daemons:
box1# /sbin/service sshd restart
box2# /sbin/service sshd restart
Here's the client debugging output:
[...]
debug1: authentications that can continue: publickey,password,hostbased
debug1: next auth method to try is hostbased
debug1: Remote: Accepted by .rhosts.
debug1: Remote: Accepted host ohm-master1 ip 192.168.1.1 client_user root
server_user root
debug1: authentications that can continue: publickey,password,hostbased
debug1: Remote: Accepted by .rhosts.
debug1: Remote: Accepted host ohm-master1 ip 192.168.1.1 client_user root
server_user root
debug1: authentications that can continue: publickey,password,hostbased
debug1: userauth_hostbased: no more client hostkeys
debug1: next auth method to try is publickey
debug1: try privkey: /root/.ssh/identity
debug1: try privkey: /root/.ssh/id_rsa
debug1: try privkey: /root/.ssh/id_dsa
debug1: next auth method to try is password
root at m2's password:
What did I miss?
--
Kevin DeGraaf
More information about the openssh-unix-dev
mailing list