Forwarding this to the list, where it ought to have been all along. Sorry, Kelly.
Lisi ---------- Forwarded Message ---------- Subject: Re: ssh connection Date: Tuesday 02 October 2012, 21:49:32 From: Lisi Reisz <lisi.re...@gmail.com> To: Kelly Clowers <kelly.clow...@gmail.com> On 2 October 2012 17:46, Kelly Clowers <kelly.clow...@gmail.com> wrote: > On Tue, Oct 2, 2012 at 7:17 AM, Lisi Reisz <hants...@googlemail.com> > wrote: > > I am trying to set up a small network of three machines to > intercommunicate > > via ssh. Machines B and C are running Squeeze with Trinity DE, machine > A is > > running Lenny with KDE3. (The other Squeeze machine turned up its toes > and > > died this morning. :-( So I had to bring poor old Lenny back on stream.) > > > > I have been using Google to good effect for almost the whole process, > about > > which I am a total ignoramus, but I have hit an impasse from which much > > Googling cannot extricate me. > > > > I have machines A, B, C. All three can ping each other and the router. > > > > Machine A can ssh into both the other machines. Machine C can ssh into > both > > the other machines. Machine B can ssh into Machine C, but not into > Machine > > A. > > > > I am now reluctant to do anything too drastic in case I kibosh even what > I > > have got. > > > > Anyone got any suggestions what I could try? Could I supply more helpful > > data? I have done a ssh -v and the result is below. > > What does your sshd config file look like on A? Are you using RSA > certs for authentication? > > Thanks, Kelly. Herewith. > Lisi > > # Package generated configuration file > > # See the sshd(8) manpage for details > > >> # What ports, IPs and protocols we listen for > > Port 22 > > # Use these options to restrict which interfaces/protocols sshd will bind >> to > > #ListenAddress :: > > #ListenAddress 0.0.0.0 > > Protocol 2 > > # HostKeys for protocol version 2 > > HostKey /etc/ssh/ssh_host_rsa_key > > HostKey /etc/ssh/ssh_host_dsa_key > > #Privilege Separation is turned on for security > > UsePrivilegeSeparation yes > > >> # Lifetime and size of ephemeral version 1 server key > > KeyRegenerationInterval 3600 > > ServerKeyBits 768 > > >> # Logging > > SyslogFacility AUTH > > LogLevel INFO > > >> # Authentication: > > LoginGraceTime 120 > > PermitRootLogin yes > > StrictModes yes > > >> RSAAuthentication yes > > PubkeyAuthentication yes > > #AuthorizedKeysFile %h/.ssh/authorized_keys > > >> # Don't read the user's ~/.rhosts and ~/.shosts files > > IgnoreRhosts yes > > # For this to work you will also need host keys in /etc/ssh_known_hosts > > RhostsRSAAuthentication no > > # similar for protocol version 2 > > HostbasedAuthentication no > > # Uncomment if you don't trust ~/.ssh/known_hosts for >> RhostsRSAAuthentication > > #IgnoreUserKnownHosts yes > > >> # To enable empty passwords, change to yes (NOT RECOMMENDED) > > PermitEmptyPasswords no > > >> # Change to yes to enable challenge-response passwords (beware issues with > > # some PAM modules and threads) > > ChallengeResponseAuthentication no > > >> # Change to no to disable tunnelled clear text passwords > > #PasswordAuthentication yes > > >> # Kerberos options > > #KerberosAuthentication no > > #KerberosGetAFSToken no > > #KerberosOrLocalPasswd yes > > #KerberosTicketCleanup yes > > >> # GSSAPI options > > #GSSAPIAuthentication no > > #GSSAPICleanupCredentials yes > > >> X11Forwarding yes > > X11DisplayOffset 10 > > PrintMotd no > > PrintLastLog yes > > TCPKeepAlive yes > > #UseLogin no > > >> #MaxStartups 10:30:60 > > #Banner /etc/issue.net > > >> # Allow client to pass locale environment variables > > AcceptEnv LANG LC_* > > >> Subsystem sftp /usr/lib/openssh/sftp-server > > >> UsePAM yes > > -- > To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org > with a subject of "unsubscribe". Trouble? Contact > listmas...@lists.debian.org > Archive: > http://lists.debian.org/CAFoWM=8w1poumvafbfh+hl0q5f5ntqymibk8avbsqlhoj6j...@mail.gmail.com > > ------------------------------------------------------- -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/201210030847.58594.lisi.re...@gmail.com