Alright, the workaround was to create a new keypair and have local
stuff install the public key as ~/.ssh/authorized_hosts
I now have access to the machine but haven't had the time to do
serious troubleshooting (and honestly, I don't want to push it too
much for fear of being locked out again).
On Fri, May 23, 2008 at 12:28 AM, Karl Goetz [EMAIL PROTECTED] wrote:
On Thu, 2008-05-22 at 07:49 +0100, Alexandros Papadopoulos wrote:
Hi all, thanks for the suggestions so far.
I talked local staff through backing up the sshd configuration file,
purging the openssh-server package and then
I'd suggest posting your sshd_config your ssh -v output.
Mike Stone
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Michel Messerschmidt schrieb:
1) Create a new temporary keypair on a non-vulnerable system and
protect the key with a good passphrase.
2) Install the temporary public key on the vulnerable system *before*
the upgrade. Because it is no weak key, it won't be blacklisted.
Note: You
Hi all, thanks for the suggestions so far.
I talked local staff through backing up the sshd configuration file,
purging the openssh-server package and then reinstalling openssh.
I'm quite frustrated to say this didn't fix anything. Had exactly the
same behaviour:
snip
debug1: Next
* Alexandros Papadopoulos [EMAIL PROTECTED] [2008-05-22 07:49 +0100]:
2. tail -f /var/log/auth.log on the server - staff reported no new
entries while I was attempting to login
You can try to get more information by running sshd -d (stop the
normal daemon before).
Nicolas
--
On Thu, 2008-05-22 at 07:49 +0100, Alexandros Papadopoulos wrote:
Hi all, thanks for the suggestions so far.
I talked local staff through backing up the sshd configuration file,
purging the openssh-server package and then reinstalling openssh.
I'm quite frustrated to say this didn't fix
On Tue, May 20, 2008 at 08:45:20PM +0100, Alexandros Papadopoulos wrote:
a) How/why were my active connections to the server killed right after
upgrading and
Don't know, I've never seen this behaviour on a debian system.
b) Why I am not allowed access now that I try to utilise the simplest
I administer a couple of remote Debian servers and must say the latest
security update has left me stranded. My only access to these machines
was over SSH, using keys. So I logged in the other night and this was
the series of events:
+ I enabled password authentication in sshd_config
On Tue, 20 May 2008 08:20:04 +0100
Alexandros Papadopoulos [EMAIL PROTECTED] wrote:
I administer a couple of remote Debian servers and must say the latest
security update has left me stranded. My only access to these machines
was over SSH, using keys. So I logged in the other night and this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alexandros Papadopoulos said:
+ I enabled password authentication in sshd_config
(PasswordAuthentication yes)
+ aptitude update aptitude dist-upgrade, which updated the packages
and restarted the openssh daemon
+ shortly thereafter my SSH
On Tue, May 20, 2008 at 08:20:04AM +0100, Alexandros Papadopoulos wrote:
+ I enabled password authentication in sshd_config (PasswordAuthentication
yes)
+ aptitude update aptitude dist-upgrade, which updated the packages
and restarted the openssh daemon
+ shortly thereafter my SSH
On Tue, 2008-05-20 at 08:20 +0100, Alexandros Papadopoulos wrote:
I administer a couple of remote Debian servers and must say the latest
security update has left me stranded. My only access to these machines
was over SSH, using keys. So I logged in the other night and this was
the series of
Unfortunately my question has still not been answered.
1. What's the information in /usr/share/doc/openssh-server that is so
enlightening? I don't have access to a debian machine right now so
would be nice to know. Tried downloading from
http://packages.debian.org/etch/openssh-server to no avail.
OoO En ce début de soirée du mardi 20 mai 2008, vers 21:45, Alexandros
Papadopoulos [EMAIL PROTECTED] disait:
3. Testing to see if you can still get on to a server is exactly what
I would have done, if my connection had not been killed by the server
itself a few seconds after upgrading the
On Tue, 20 May 2008 20:45:20 +0100
Alexandros Papadopoulos [EMAIL PROTECTED] wrote:
3. Testing to see if you can still get on to a server is exactly what
I would have done, if my connection had not been killed by the server
itself a few seconds after upgrading the packages. This happened on
16 matches
Mail list logo
