ssh -vvv

Lumpkin, Buddy Buddy.Lumpkin at nordstrom.com
Sat Apr 12 12:26:51 EST 2003


Hello All,

I just had an interesting experience tracking down a bug on Solaris 8, and ssh -vvv was of no help which is part of the reason why I write this email.

When DSA public/private keys fail to authenticate me without a password, it just falls thru to the next authentication type and I can't see a way to see why it happened.

The extra debug levels don't tell me "Hey you idiot, the permissions are wrong on the home directory", or "sorry dummy, but the PAM library (or whatever API it relies on) said I can't authenticate you and I don't know why

Is there a way to try and get this kind of information?

Usually I can track down problems, but in this case, we had a userid that we intentionally set to no passwd "*LK*" in Solaris. We had keys setup so that ssh could be used to run rsync with no pass phrase and after adding a patch cluster to Solaris it broke.

It turned out that setting a password fixes the problem, but it would have been nice if debug output told me that.

Is there a debug option to sshd that might have found this?

Thanks in advance for any tips on debugging future ssh authentication problems,

--Buddy




More information about the openssh-unix-dev mailing list