Re: [TCLUG:15482] OpenSSH

To: tclug-list@mn-linux.org
Subject: Re: [TCLUG:15482] OpenSSH
From: Adam Maloney <adam@iexposure.com>
Date: Mon, 03 Apr 2000 16:07:27 -0500
References: <38E8EF95.E5FB4669@iexposure.com> <004e01bf9d9b$4d9d2820$dd29680a@tgt.com> <38E90155.7900A71A@iexposure.com> <001601bf9da6$ab6ad320$0100a8c0@veldy.net>
Sender: adam@bilbo.intexp.com

Just tried it, no luck.  But if it does fallback to rsh that would be
unencrypted, and a Very Bad Thing (tm) IMHO.

"Thomas T. Veldhouse" wrote:
> 
> How about "FallBackToRsh yes"?
> 
> Tom Veldhouse
> veldy@veldy.net
> 
> ----- Original Message -----
> From: "Adam Maloney" <adam@iexposure.com>
> To: <tclug-list@mn-linux.org>
> Sent: Monday, April 03, 2000 3:38 PM
> Subject: Re: [TCLUG:15482] OpenSSH
> 
> > It's the same as all the other machines:
> > Host *
> >         ForwardAgent no
> >         ForwardX11 no
> >         FallBackToRsh no
> >
> > I tried setting PasswordAuthentication to yes, but that didn't make any
> > difference.
> >
> > "Thomas T. Veldhouse" wrote:
> > >
> > > Is the default authentication set to RSA instead of text?  You will have
> to
> > > have exchanged RSA keys to make it work - or change the authentication
> > > mechanism
> > >
> > > /usr/local/etc/ssh_config (I took this from my FreeBSD server (3.4) and
> > > everything is commented - and works)
> > >
> > > # This is ssh client systemwide configuration file.  This file provides
> > > # defaults for users, and the values can be changed in per-user
> > > configuration
> > > # files or on the command line.
> > >
> > > # Configuration data is parsed as follows:
> > > #  1. command line options
> > > #  2. user-specific file
> > > #  3. system-wide file
> > > # Any configuration value is only changed the first time it is set.
> > > # Thus, host-specific definitions should be at the beginning of the
> > > # configuration file, and defaults at the end.
> > >
> > > # Site-wide defaults for various options
> > >
> > > # Host *
> > > #   ForwardAgent yes
> > > #   ForwardX11 yes
> > > #   RhostsAuthentication yes
> > > #   RhostsRSAAuthentication yes
> > > #   RSAAuthentication yes
> > > #   PasswordAuthentication yes
> > > #   FallBackToRsh yes
> > > #   UseRsh no
> > > #   BatchMode no
> > > #   CheckHostIP yes
> > > #   StrictHostKeyChecking no
> > > #   IdentityFile ~/.ssh/identity
> > > #   Port 22
> > > #   Cipher blowfish
> > > #   EscapeChar ~
> > >
> > > ----- Original Message -----
> > > From: Adam Maloney <adam@iexposure.com>
> > > To: <tclug-list@mn-linux.org>
> > > Sent: Monday, April 03, 2000 2:23 PM
> > > Subject: [TCLUG:15482] OpenSSH
> > >
> > > > So I'm standardizing all of our servers and workstations to OpenSSH.
> I
> > > > have 2 questions.
> > > >
> > > > First, when I install openssh I have to run ssh-keygen to create the
> > > > server keys.  It asks me for a passphrase.  What is this passphrase
> used
> > > > for?  It apparently happens after the key is generated.  Does it
> matter
> > > > if I enter one or not?  It says I can just leave it blank, and if I do
> > > > it doesn't complain.
> > > >
> > > > Also, I've installed it on about 10 machines so far and it's worked
> > > > flawlessly.  No problems with any of them.  Now I'm installing it on
> one
> > > > more server, similar configuration to the others (Slack-7) and there
> are
> > > > no problems during compile, but when I ssh in after doing keygen and
> > > > running sshd, it says "Permission denied, please try again".  I tried
> it
> > > > with many different accounts, I know it's not an incorrect password
> > > > problem.  When I look at the message logs it says Failed password for
> > > > <user> from <ip>
> > > >
> > > >
> > > > I have no idea how to trace the problem back.  Anyone seen this?
> > > >
> > > > --
> > > > Adam Maloney
> > > > Systems Administrator
> > > > Internet Exposure, Inc.
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > > > For additional commands, e-mail: tclug-list-help@mn-linux.org
> > > >
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > > For additional commands, e-mail: tclug-list-help@mn-linux.org
> >
> > --
> > Adam Maloney
> > Systems Administrator
> > Internet Exposure, Inc.
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> > For additional commands, e-mail: tclug-list-help@mn-linux.org
> >
> >
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tclug-list-unsubscribe@mn-linux.org
> For additional commands, e-mail: tclug-list-help@mn-linux.org

-- 
Adam Maloney
Systems Administrator
Internet Exposure, Inc.

Follow-Ups:
- Re: [TCLUG:15482] OpenSSH
  - From: "Thomas T. Veldhouse" <veldy@veldy.net>

References:
- OpenSSH
  - From: Adam Maloney <adam@iexposure.com>
- Re: [TCLUG:15482] OpenSSH
  - From: "Thomas T. Veldhouse" <veldy@veldy.net>
- Re: [TCLUG:15482] OpenSSH
  - From: Adam Maloney <adam@iexposure.com>
- Re: [TCLUG:15482] OpenSSH
  - From: "Thomas T. Veldhouse" <veldy@veldy.net>

Prev by Date: Re: [TCLUG:15481] Faeriedist
Next by Date: Re: [TCLUG:15481] Faeriedist
Prev by thread: Re: [TCLUG:15482] OpenSSH
Next by thread: Re: [TCLUG:15482] OpenSSH
Index(es):
- Date
- Thread