Re: OpenSSH 3, DEBIAN 2.2 and PAM authentication
Thus spake Benoît MARTINET, on Mon, Nov 12, 2001 at 02:52:15PM +0100: > > > I've just compiled & installed openssh-3.0p1 on my Debian 2.2 but > > > failed to login using root and users' passwords. Password > > > authentication failed all the time and it prompted "Permission Denied" > > [...] > > > Have you configured it with: > > > > --with-md5-passwords ? > > Thanks, that solve the problem... > > Ben. > You're welcome. Check to see if you /etc/shadow password entries start with $1$, if so they are MD5, and md5 isn't enabled by the default ./configure on openssh-3.0p1 so... Best regards. -- Jose Celestino <[EMAIL PROTECTED]> - "Not only is God dead, but just try to find a plumber on weekends." --Woody Allen
Re: OpenSSH 3, DEBIAN 2.2 and PAM authentication
Thus spake Benoît MARTINET, on Mon, Nov 12, 2001 at 02:52:15PM +0100: > > > I've just compiled & installed openssh-3.0p1 on my Debian 2.2 but > > > failed to login using root and users' passwords. Password > > > authentication failed all the time and it prompted "Permission Denied" > > [...] > > > Have you configured it with: > > > > --with-md5-passwords ? > > Thanks, that solve the problem... > > Ben. > You're welcome. Check to see if you /etc/shadow password entries start with $1$, if so they are MD5, and md5 isn't enabled by the default ./configure on openssh-3.0p1 so... Best regards. -- Jose Celestino <[EMAIL PROTECTED]> - "Not only is God dead, but just try to find a plumber on weekends." --Woody Allen -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: OpenSSH 3, DEBIAN 2.2 and PAM authentication
Have you configured it with: --with-md5-passwords ? Thus spake Benoît MARTINET, on Mon, Nov 12, 2001 at 12:00:12PM +0100: > (Sorry, I've already post this message, but without subject...) > > Hi, > > I've just compiled & installed openssh-3.0p1 on my Debian 2.2 but failed > to login using root and users' passwords. Password authentication failed all > the time and it prompted "Permission Denied" on the command line. > > A message, "Failed password for [user] from .." was logged in > auth.log. but i'm sure the password is correct. i wonder if the > configuration > for PAM is incorrect. Below is the content of /etc/pam.d/ssh: > > #%PAM-1.0 > auth required /lib/security/pam_unix.so shadow nodelay > auth required /lib/security/pam_nologin.so > accountrequired /lib/security/pam_unix.so > password required /lib/security/pam_cracklib.so > password required /lib/security/pam_unix.so shadow nullok > use_authtok > sessionrequired /lib/security/pam_unix.so > sessionrequired /lib/security/pam_limits.so > > all the paths and PAM modules are installed. Do anyone has any idea about > all these? > > At this time, I can connect using a DSA Key, but I would also like to > connect > using password... > > Please CC me in private, cause I don't subscribe to this list... > Thanks in advance. > > - > Benoît MARTINET - [EMAIL PROTECTED] > ----- > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Jose Celestino <[EMAIL PROTECTED]> Systems Administration SAPO.pt http://www.sapo.pt
Re: OpenSSH 3, DEBIAN 2.2 and PAM authentication
Have you configured it with: --with-md5-passwords ? Thus spake Benoît MARTINET, on Mon, Nov 12, 2001 at 12:00:12PM +0100: > (Sorry, I've already post this message, but without subject...) > > Hi, > > I've just compiled & installed openssh-3.0p1 on my Debian 2.2 but failed > to login using root and users' passwords. Password authentication failed all > the time and it prompted "Permission Denied" on the command line. > > A message, "Failed password for [user] from .." was logged in > auth.log. but i'm sure the password is correct. i wonder if the > configuration > for PAM is incorrect. Below is the content of /etc/pam.d/ssh: > > #%PAM-1.0 > auth required /lib/security/pam_unix.so shadow nodelay > auth required /lib/security/pam_nologin.so > accountrequired /lib/security/pam_unix.so > password required /lib/security/pam_cracklib.so > password required /lib/security/pam_unix.so shadow nullok > use_authtok > sessionrequired /lib/security/pam_unix.so > sessionrequired /lib/security/pam_limits.so > > all the paths and PAM modules are installed. Do anyone has any idea about > all these? > > At this time, I can connect using a DSA Key, but I would also like to > connect > using password... > > Please CC me in private, cause I don't subscribe to this list... > Thanks in advance. > > - > Benoît MARTINET - [EMAIL PROTECTED] > ----- > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Jose Celestino <[EMAIL PROTECTED]> Systems Administration SAPO.pt http://www.sapo.pt -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Help needed on MASQUERADE
On Sun, Jun 03, 2001 at 11:39:29PM +0200, Luc MAIGNAN wrote: > HI all, > > I have an internet connection on eth0 (10.0.0.1) and a private network > connection on eth1 (192.168.0.1). > > I put the masquerade configuration on a kernel 2.4.4 : > > iptables -t nat -s 192.168.0.0/24 -o ppp0 -j MASQUERADE > echo 1>/proc/sys/net/ipv4/ip_forward > And this gave you no error? Try: # iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE -o eth0 because "an internet connection on eth0 (10.0.0.1)"... Byes. > A workstation on my network succeeded to ping both eth0 and eth1, but didn't > succeed to go out of my network to reach the internet. > > Anyone can help me ? > > Best regards > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Jose Celestino <[EMAIL PROTECTED]> - "The paradox render and the merge in complete, Nothing but the process is infinite" -- Borknagar - Colossus pgpPl9UEvqJ6P.pgp Description: PGP signature
Re: MASQUERADE problem
As modules? Have you loaded them? On Sat, Jun 02, 2001 at 12:02:04AM +0200, Luc MAIGNAN wrote: > Hi, > > I did : 'netstat -M' and netstat told me : there is no support for > ip_masquerade on this system'. > > But I have compiled my kernel with FULL NAT - including all masquerade > options - (but I don't see any file named /proc/sys/net/ipv4/ip_masquerade) > > Anyone have an idea of what can happen ? > > > Best regards > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Jose Celestino <[EMAIL PROTECTED]> - "The stream of mortality flows uncontrolled, A boundless downward spiral to prospective void" -- Borknagar - Colossus pgplM0h5fziKg.pgp Description: PGP signature
Re: Help needed on MASQUERADE
On Sun, Jun 03, 2001 at 11:39:29PM +0200, Luc MAIGNAN wrote: > HI all, > > I have an internet connection on eth0 (10.0.0.1) and a private network > connection on eth1 (192.168.0.1). > > I put the masquerade configuration on a kernel 2.4.4 : > > iptables -t nat -s 192.168.0.0/24 -o ppp0 -j MASQUERADE > echo 1>/proc/sys/net/ipv4/ip_forward > And this gave you no error? Try: # iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE -o eth0 because "an internet connection on eth0 (10.0.0.1)"... Byes. > A workstation on my network succeeded to ping both eth0 and eth1, but didn't > succeed to go out of my network to reach the internet. > > Anyone can help me ? > > Best regards > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Jose Celestino <[EMAIL PROTECTED]> - "The paradox render and the merge in complete, Nothing but the process is infinite" -- Borknagar - Colossus PGP signature
Re: MASQUERADE problem
As modules? Have you loaded them? On Sat, Jun 02, 2001 at 12:02:04AM +0200, Luc MAIGNAN wrote: > Hi, > > I did : 'netstat -M' and netstat told me : there is no support for > ip_masquerade on this system'. > > But I have compiled my kernel with FULL NAT - including all masquerade > options - (but I don't see any file named /proc/sys/net/ipv4/ip_masquerade) > > Anyone have an idea of what can happen ? > > > Best regards > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] > -- Jose Celestino <[EMAIL PROTECTED]> - "The stream of mortality flows uncontrolled, A boundless downward spiral to prospective void" -- Borknagar - Colossus PGP signature
