hostbased failing and can't derive reason of failure in debugging output

Marc Owen mowen at gmx.net
Sun Dec 7 17:05:58 EST 2003 

Hello,

I've troubles getting the hostbased method to work. I've given up on
system-to-system for now (different versions), and I'm just trying to
debug localhost. As far as I can see, the key is accepted, but then a
sudden "Failed hostbased" is returned:

[...]
debug3: mm_answer_keyallowed: key 0x8099bc0 is disallowed
debug3: mm_append_debug: Appending debug messages for child
debug3: mm_request_send entering: type 21
debug3: mm_request_receive entering
debug3: mm_key_allowed: waiting for MONITOR_ANS_KEYALLOWED
debug3: mm_request_receive_expect entering: type 21
debug3: mm_request_receive entering
debug3: mm_send_debug: Sending debug: Accepted for hostname.domainname.tld
[192.168.1.5] by /etc/ssh/shosts.equiv. debug2: userauth_hostbased:
authenticated 0 Failed hostbased for anna from 192.168.1.5 port 33148 ssh2
[...]


The full output is in the attachment, if I've been snipping too much (I
hope it doesn't get stripped off by the mailing list software).


Some basic configuration info:

ssh_config (stripped):
Host hostname.domainname.tld
  PreferredAuthentications hostbased,publickey,password
  HostbasedAuthentication yes
  GlobalKnownHostsFile /etc/ssh/ssh_known_hosts2
  CheckHostIP yes
  StrictHostKeyChecking ask
  Protocol 2

sshd_config (stripped):
  Protocol 2
  HostbasedAuthentication yes
  IgnoreRhosts no   

shosts.equiv (stripped):
  192.168.1.5
  hostname.domainname.tld
  + +
  (Last line just for testing, obviously.)

ls /etc/ssh/:
  ssh_host_dsa_key
  ssh_host_dsa_key.pub
  ssh_host_key
  ssh_host_key.pub
  ssh_host_rsa_key
  ssh_host_rsa_key.pub
  ssh_known_hosts@
  ssh_known_hosts2
  [...]

ssh-keysign is setuid root; ssh version is 3.4p1/3.6.1p2-10(tried both).


Thanks for any help...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: delme
Type: application/octet-stream
Size: 12360 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20031207/7eb93ed1/attachment.obj

More information about the openssh-unix-dev mailing list