To LUGNET HomepageTo LUGNET News HomepageTo LUGNET Guide Homepage
 Help on Searching
 
Post new message to lugnet.off-topic.geekOpen lugnet.off-topic.geek in your NNTP NewsreaderTo LUGNET News Traffic PageSign In (Members)
 Off-Topic / Geek / 1612
1611  |  1613
Subject: 
Re: Installing sshd?
Newsgroups: 
lugnet.off-topic.geek
Date: 
Fri, 12 May 2000 18:51:54 GMT
Reply-To: 
MATTDM@MATTDMnospam.ORG
Viewed: 
124 times
  
Sproaticus <jsproat@io.com> wrote:
debug: Received session key; encryption turned on.
debug: Installing crc compensation attack detector.
Faking authloop for illegal user jsproat from 137.65.xxx.xxx port xxx
Connection closed by 137.65.xxx.xxx

That part about "illegal user" concerns me; the docs don't exactly explain
this.  Am I putting user jsproat into the wrong group or ACL?  Arg.  Does

Yeah, that's weird.

Here's my config (for openssh 1.2.3):

  -----
# This is ssh server systemwide configuration file.

Port 22
ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin no
IgnoreRhosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes

# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging

RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
IgnoreUserKnownHosts yes


#
RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no

# To change Kerberos options
#
# We use pam_kafs for authentication instead of compiling kerberos support
# directly into openssh. (We may add it in later releases, for forwarding.)
#

#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

CheckMail no
UseLogin no
-----

Do you have a proper pam config? Something like:
-----
#%PAM-1.0
auth       required     /lib/security/pam_nologin.so
auth       required     /lib/security/pam_pwdb.so shadow nodelay
account    required     /lib/security/pam_pwdb.so
password   required     /lib/security/pam_cracklib.so
password   required     /lib/security/pam_pwdb.so shadow nullok use_authtok
session    required     /lib/security/pam_pwdb.so
session    required     /lib/security/pam_limits.so
-----

--
Matthew Miller                      --->                  mattdm@mattdm.org
Quotes 'R' Us                     --->               http://quotes-r-us.org/
Boston University Linux             --->                http://linux.bu.edu/



Message has 2 Replies:
  Re: Installing sshd?
 
(...) Thanks. I'll diff this against mine when I can login tonight. (...) D'oh! Dunno pam. What is it? Is there a manpage for it? Cheers, - jsproat (25 years ago, 12-May-00, to lugnet.off-topic.geek)
  Re: Installing sshd?
 
(...) Okay, I matched mine up with yours, but it didn't work. Investigating pam... (...) I know I'm coming off as a complete goofball, but I can't find one per se. I have a directory /etc/pam.d , with a bunch of config files in there. Do I create a (...) (25 years ago, 12-May-00, to lugnet.off-topic.geek)

Message is in Reply To:
  Installing sshd?
 
Hey all, I've built and installed sshd (1) on my Red Hat 6.2 box, and the client seems to work just fine, but the server won't accept connections. I've tried "AllowUsers x,y" and "AllowGroups x,y" in sshd_config, and I've played with about every (...) (25 years ago, 12-May-00, to lugnet.off-topic.geek)

18 Messages in This Thread:




Entire Thread on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact

This Message and its Replies on One Page:
Nested:  All | Brief | Compact | Dots
Linear:  All | Brief | Compact
    

Custom Search

©2005 LUGNET. All rights reserved. - hosted by steinbruch.info GbR