[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[cobalt-security] can TELNET can NOT SSH?
- Subject: [cobalt-security] can TELNET can NOT SSH?
- From: Warren Daly <warren.daly@xxxxxxxxx>
- Date: Fri, 30 Nov 2001 10:17:10 -0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> Hello,
I have freshly installed a COBALT RAQ 4i. I have installed SSL and then
compiled/installed SSH 3.0.1
> I can telnet to the machine and gain access.
> I can SSH to the box and get prompted for username and password I input
> the correct password but it will not allow me access. The password is
> correct!! I did read something about copying a file sshd.pam to
> /etc/pam.d and renaming it to sshd. Which I did but this does not work. I
> have also added the line to sshd_config which is
AllowUsers username
> This didn't work either!!! I cannot find anything else. I have compiled
> with and without PAM. Did you have the same problems! please help?
> thanks,
> warren
>
>
> ****SSHD****
> [root sbin]# ./sshd -d
> debug1: Seeding random number generator
> debug1: sshd version OpenSSH_3.0p1
> debug1: private host key: #0 type 0 RSA1
> debug1: read PEM private key done: type RSA
> debug1: private host key: #1 type 1 RSA
> debug1: read PEM private key done: type DSA
> debug1: private host key: #2 type 2 DSA
> socket: Invalid argument
> debug1: Bind to port 22 on 0.0.0.0.
> Server listening on 0.0.0.0 port 22.
> Generating 768 bit RSA key.
> RSA key generation complete.
> debug1: Server will not fork when running in debugging mode.
> Connection from 193.x.x.x port 2553
> debug1: Client protocol version 1.5; client software version PuTTY
> debug1: no match: PuTTY
> debug1: Local version string SSH-1.99-OpenSSH_3.0p1
> debug1: Rhosts Authentication disabled, originating port not trusted.
> debug1: Sent 768 bit server key and 1024 bit host key.
> debug1: Encryption type: 3des
> debug1: Received session key; encryption turned on.
> debug1: Installing crc compensation attack detector.
> debug1: Attempting authentication for admin.
> Failed password for admin from 193.x.x.x port 2553
> Failed password for admin from 193.x.x.x port 2553
> Failed password for admin from 193.x.x.x port 2553
> Failed password for admin from 193.x.x.x port 2553
> Read from socket failed: Connection reset by peer
> debug1: Calling cleanup 0x806678c(0x0)
>
> ***my sshd_config file ***
>
> Port 22
> #Protocol 2,1
> #ListenAddress 0.0.0.0
> #ListenAddress ::
>
> # HostKey for protocol version 1
> HostKey /usr/local/etc/ssh_host_key
> # HostKeys for protocol version 2
> HostKey /usr/local/etc/ssh_host_rsa_key
> HostKey /usr/local/etc/ssh_host_dsa_key
>
> # Lifetime and size of ephemeral version 1 server key
> KeyRegenerationInterval 3600
> ServerKeyBits 768
>
> # Logging
> SyslogFacility AUTH
> LogLevel INFO
> #obsoletes QuietMode and FascistLogging
>
> # Authentication:
>
> LoginGraceTime 600
> PermitRootLogin yes
> StrictModes yes
>
> RSAAuthentication yes
> PubkeyAuthentication yes
> #AuthorizedKeysFile %h/.ssh/authorized_keys
>
> # rhosts authentication should not be used
> RhostsAuthentication no
> # Don't read the user's ~/.rhosts and ~/.shosts files
> IgnoreRhosts yes
> # For this to work you will also need host keys in
> /usr/local/etc/ssh_known_hosts
> RhostsRSAAuthentication no
> # similar for protocol version 2
> HostbasedAuthentication no
> # Uncomment if you don't trust ~/.ssh/known_hosts for
> RhostsRSAAuthentication
> #IgnoreUserKnownHosts yes
>
> # To disable tunneled clear text passwords, change to no here!
> PasswordAuthentication yes
> PermitEmptyPasswords no
>
> # Uncomment to disable s/key passwords
> #ChallengeResponseAuthentication no
> "sshd_config" 80L, 2049C
>
>
>
>
>