Mailing List Archive

Mate--

På 2000-Jan-14 klokka 12:51:01 -0600 skrivet Mate Wierdl:

: Please tell me where I can ask questions on ssh's use.

For openssh, this list will work.

: I installed openssh on two Linux boxes, one is RedHat 6.0 the other is
: RedHat 6.1. I used the rpms at

[...]

: >From one machine, I have no problems connecting to the other machine,
: but does not work the other way around. [...]
:
: On the RH 6.0 box, I have problems connectiong to the 6.1 box:
:
: ssh -v moni
: SSH Version OpenSSH-1.2.1, protocol version 1.5.
: Compiled with SSL (RSAref version).
: debug: Reading configuration data /etc/ssh/ssh_config
: debug: ssh_connect: getuid 0 geteuid 0 anon 0
: debug: Connecting to wierdlmpc.msci.memphis.edu [141.225.11.87] port
: 22.
: debug: Allocated local port 1023.
: debug: Connection established.
: ssh_exchange_identification: read: No such file or directory
/^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

This looks as if the remote server doesn't have a host key. Can you
confirm?

: debug: Calling cleanup 0x8054c80(0x0)

Have you tried running the remote server with debugging messages
enabled as well? That ought to tell you more.

--
jim knoble
jmknoble@pobox.com

: >From one machine, I have no problems connecting to the other machine,
: but does not work the other way around. [...]

My question is cancelled: I had an `ALL: ALL' entry in /etc/hosts.deny
on the machine I could not connect to, and I did not realize that the
rpm was compiled with tcpwrappers support.

But here is another bit: On one machine, I ran ssh-keygen on box A,
and copied ~mw/.ssh/identity.pub to box B as
~mw/.ssh/authorized_keys. I expected that typing `ssh B' on box A
would immediately connect me to box B, but I was still prompted for a
password. Am I reading the man page for ssh incorrectly:

The user should then copy the identity.pub to
.ssh/authorized_keys in his/her home directory on the remote machine (the
authorized_keys file corresponds to the conventional .rhosts file, and
has one key per line, though the lines can be very long). After this,
the user can log in without giving the password.

A reminder: I have installed ssh* from the rpms for US users.

Thx,

Mate
---
Mate Wierdl | Dept. of Math. Sciences | University of Memphis

Sounds like you're understanding the man page properly to me.

Check the permissions of the ~/.ssh/authorized_keys on the remote host.
Also check the StrictModes setting in /etc/ssh/sshd_config on that
machine.

Does the debug/verbose output from the client or server tell you
anything?

--
jim knoble
jmknoble@pobox.com

På 2000-Jan-15 klokka 15:18:32 -0600 skrivet Mate Wierdl:

: But here is another bit: On one machine, I ran ssh-keygen on box A,
: and copied ~mw/.ssh/identity.pub to box B as
: ~mw/.ssh/authorized_keys. I expected that typing `ssh B' on box A
: would immediately connect me to box B, but I was still prompted for a
: password. Am I reading the man page for ssh incorrectly:

[...]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, 15 Jan 2000, Mate Wierdl wrote:

> But here is another bit: On one machine, I ran ssh-keygen on box A,
> and copied ~mw/.ssh/identity.pub to box B as
> ~mw/.ssh/authorized_keys. I expected that typing `ssh B' on box A
> would immediately connect me to box B, but I was still prompted for a
> password. Am I reading the man page for ssh incorrectly:

Check your permissions on your home and .ssh directories. They
should be mode 0600.

Regards,
Damien Miller

- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE4gP8PormJ9RG1dI8RAhz9AJ9QbD/zCDZGBnLrZHAOZgIr2WA6BQCdFvUP
41Vu8JD83op/ZmRM0CK+ygM=
=C3ZR
-----END PGP SIGNATURE-----