Re: new ssh and "Accepted hostbased" in logs
On Thu, Jun 27, 2002 at 10:22:12AM +0200, Ralf G. R. Bergs wrote: > On Thu, 27 Jun 2002 01:05:08 -0700, Vineet Kumar wrote: > >came from stable/updates/main on security.debian.org . Do you have this > >line in your sources.list: > > > >deb http://security.debian.org/ stable/updates main contrib non-free > > Yup, and when I just re-checked it was there. Strange that there isn't a > version > for testing yet?! > > Ooops, they did it again... ;-) > > Now there's also a testing-version. As it happens, that was there before the stable version. :) -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: new ssh and "Accepted hostbased" in logs
On Thu, 27 Jun 2002 01:05:08 -0700, Vineet Kumar wrote: >came from stable/updates/main on security.debian.org . Do you have this >line in your sources.list: > >deb http://security.debian.org/ stable/updates main contrib non-free Yup, and when I just re-checked it was there. Strange that there isn't a version for testing yet?! Ooops, they did it again... ;-) Now there's also a testing-version. Thanks, guys!! -- Sign the EU petition against SPAM: L I N U X .~. http://www.politik-digital.de/spam/The Choice /V\ of a GNU /( )\ Generation ^^-^^ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: new ssh and "Accepted hostbased" in logs
* Ralf G. R. Bergs ([EMAIL PROTECTED]) [020627 00:44]: > On Thu, 27 Jun 2002 00:23:57 -0700, Vineet Kumar wrote: > > >I just upgraded to 3.4p1-0.0potato1, though, and it seems fine there. > > Did you compile it yourself, or where did U get it from? came from stable/updates/main on security.debian.org . Do you have this line in your sources.list: deb http://security.debian.org/ stable/updates main contrib non-free ? that should do it. I'm running sid, but the potato update got chosen due to its higher version number (a very odd situation indeed!) good times, Vineet -- http://www.doorstop.net/ -- "Computer Science is no more about computers than astronomy is about telescopes." -E.W. Dijkstra pgpFjoXt4Om4d.pgp Description: PGP signature
Re: new ssh and "Accepted hostbased" in logs
* Vineet Kumar ([EMAIL PROTECTED]) [020627 00:09]: > * Raghavendra Bhat ([EMAIL PROTECTED]) [020626 21:42]: > > Vineet Kumar posts : > > > > >> since upgrading to the woody/updates ssh package (3.3p10.0woody1) > > ^ > > As of now `ssh_1:3.3p1-0.0woody4_i386.deb' has come up in > > security.debian.org. Does this give a fix to this issue among others ? > > Nope. I just upgraded to 3.4p1-0.0potato1, though, and it seems fine there. good times, Vineet -- http://www.doorstop.net/ -- "Computer Science is no more about computers than astronomy is about telescopes." -E.W. Dijkstra pgpHIs045I1aR.pgp Description: PGP signature
Re: new ssh and "Accepted hostbased" in logs
* Raghavendra Bhat ([EMAIL PROTECTED]) [020626 21:42]: > Vineet Kumar posts : > > >> since upgrading to the woody/updates ssh package (3.3p10.0woody1) > ^ > As of now `ssh_1:3.3p1-0.0woody4_i386.deb' has come up in > security.debian.org. Does this give a fix to this issue among others ? Nope. good times, Vineet -- http://www.doorstop.net/ -- "Computer Science is no more about computers than astronomy is about telescopes." -E.W. Dijkstra pgpI9hFr6ilKJ.pgp Description: PGP signature
Re: new ssh and "Accepted hostbased" in logs
Vineet Kumar posts : >> since upgrading to the woody/updates ssh package (3.3p10.0woody1) ^ As of now `ssh_1:3.3p1-0.0woody4_i386.deb' has come up in security.debian.org. Does this give a fix to this issue among others ? -- ragOO, VU2RGU<->http://gnuhead.dyndns.org/<->GPG: 1024D/F1624A6E Helping to keep the Air-Waves FREE Amateur Radio Helping to keep your Software FREE the GNU Project Helping to keep the W W W FREE Debian GNU/${kernel} -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: new ssh and "Accepted hostbased" in logs
* Ralf G. R. Bergs ([EMAIL PROTECTED]) [020626 11:47]: > On Wed, 26 Jun 2002 11:28:29 -0700, Vineet Kumar wrote: > > >I'll file a bug; I was just curious whether anyone else saw something > >similar. > > ACK. I'm seeing the same on several different systems (Debian 2.2 and > pre-3.0.) Thanks for the confirmation. It's here now: http://bugs.debian.org/151097 good times, Vineet -- http://www.doorstop.net/ -- "Computer Science is no more about computers than astronomy is about telescopes." -E.W. Dijkstra pgp5xZbp80HzM.pgp Description: PGP signature
Re: new ssh and "Accepted hostbased" in logs
On Wed, 26 Jun 2002 11:28:29 -0700, Vineet Kumar wrote: >I'll file a bug; I was just curious whether anyone else saw something >similar. ACK. I'm seeing the same on several different systems (Debian 2.2 and pre-3.0.) -- Sign the EU petition against SPAM: L I N U X .~. http://www.politik-digital.de/spam/The Choice /V\ of a GNU /( )\ Generation ^^-^^ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
new ssh and "Accepted hostbased" in logs
Hey everybody, I've noticed that since upgrading to the woody/updates ssh package (3.3p10.0woody1) My logs show "Accepted hostbased" instead of "Accepted publickey" whenever a user logs in with a public key. This is using protocol version 2, with clients of the same version (running on sid), and also for other users whose client versions I haven't yet checked. I've never used hostbased authentication before, and I'm wondering if this is just a logging error, or if I've somehow mucked up the configs so that it is using hostbased. When I connect without an agent, it does ask for my key passphrase, and ssh -v looks to me like it is using public key: debug1: authentications that can continue: publickey,password,keyboard-interactive debug1: next auth method to try is publickey debug1: userauth_pubkey_agent: testing agent key /home/vineet/.ssh/identity debug1: input_userauth_pk_ok: pkalg ssh-rsa blen 149 lastkey 0x8094400 hint -1 debug1: ssh-userauth2 successful: method publickey And here's excerpts from sshd_config on the server: # rhosts authentication should not be used RhostsAuthentication no # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for # RhostsRSAAuthentication #IgnoreUserKnownHosts yes Also, this is happening on 3 different machines (but all with the same version). So that leads me to guess that it's less likely a configuration error. So it looks to me like it's just logging it incorrectly. Has anyone else noticed this behavior? Any other incorrectly-reported auth methods you've seen? I just tried password (just to test) and it does show up as "Accepted password" in auth.log . I'll file a bug; I was just curious whether anyone else saw something similar. good times, Vineet -- http://www.doorstop.net/ -- "Computer Science is no more about computers than astronomy is about telescopes." -E.W. Dijkstra pgpiLnHjHRqsj.pgp Description: PGP signature