Платформа: SunOS stat 5.9 Generic_112233-10 sun4u sparc SUNW,Ultra-2
Версия SSH: SSH Version Sun_SSH_1.0, protocol versions 1.5/2.0.
Пытаюсь настроить HostbasedAuthentication для того, чтобы соединятся через PuTTY. Ничего не выходит, хотя через PasswordAuthentication, например, соединяюсь нормально.
Вот лог попытки соединения:
bash-2.05# $(which sshd) -d
debug1: sshd version OpenSSH_4.2p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: rexec_argv[0]='/usr/local/sbin/sshd'
debug1: rexec_argv[1]='-d'
debug1: Bind to port 22 on ::.
Server listening on :: port 22.
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: fd 6 clearing O_NONBLOCK
debug1: Server will not fork when running in debugging mode.
debug1: rexec start in 6 out 6 newsock 6 pipe -1 sock 11
debug1: inetd sockets after dupping: 4, 4
Connection from 82.179.2.3 port 3248
debug1: Client protocol version 2.0; client software version PuTTY-Release-0.53b
debug1: no match: PuTTY-Release-0.53b
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_4.2
debug1: permanently_set_uid: 102/100
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes256-cbc hmac-sha1 none
debug1: kex: server->client aes256-cbc hmac-sha1 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST_OLD received
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user demid service ssh-connection method none
debug1: attempt 0 failures 0
Failed none for demid from 82.179.2.3 port 3248 ssh2
Received disconnect from 82.179.2.3: 11: No supported authentication methods available
debug1: do_cleanup
debug1: do_cleanup
Вот настройки:
bash-2.05# cat shosts.equiv
+ nik.kemsu.ru demid
bash-2.05# cat ssh_known_hosts
nik.kemsu.ru ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBJfz0lJFHnVnyvGSFD4q4eo8WcCq0ibJfL/229tMmY2hwox3YpUPV1 r2iqueCYJ3x3EqCViXFh4Q2XRypwJ8H0mAWR10b6EbLvbAN9caM3IOkFXVJNuzGJD0zoKqgabyvXKfJ8 EU/0Cy0NPdPNsqV4BIXElbNn4Zauml5rr+/aXw== nik.kemsu.ru
bash-2.05# cat sshd_config
# $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $
# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /usr/local/etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /usr/local/etc/ssh_host_rsa_key
#HostKey /usr/local/etc/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO
# Authentication:
#LoginGraceTime 600
#PermitRootLogin yes
#StrictModes yes
RSAAuthentication no
PubkeyAuthentication no
#AuthorizedKeysFile .ssh/authorized_keys
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /usr/local/etc/ssh_known_hosts
RhostsRSAAuthentication no
# similar for protocol version 2
HostbasedAuthentication yes
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
IgnoreUserKnownHosts yes
# To disable tunneled clear text passwords, change to no here!
PermitEmptyPasswords no
PasswordAuthentication no
# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes
ChallengeResponseAuthentication no
#AFSTokenPassing no
# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no
X11Forwarding no
X11DisplayOffset 10
X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
#Compression yes
#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no
# override default of no subsystems
Subsystem sftp /usr/local/libexec/sftp-server
Ответ на:
комментарий
от Harmont
Ответ на:
комментарий
от kilolife
Вы не можете добавлять комментарии в эту тему. Тема перемещена в архив.