Re: ssh issues

2007-07-18 Thread BartlebyScrivener 
On Jul 17, 7:00 am, Rob Bochan <[EMAIL PROTECTED]> wrote:
> On Monday 16 July 2007 08:02:44 pm Casey T. Deccio wrote:
>
> > Does /etc/hosts contain a valid entry for your hostname?
>
> > Casey
>

On Jul 17, 7:00 am, Rob Bochan <[EMAIL PROTECTED]> wrote:
> On Monday 16 July 2007 08:02:44 pm Casey T. Deccio wrote:

> > Does /etc/hosts contain a valid entry for your hostname?
>
> - begin hosts --
> 127.0.0.1   localhost
> 127.0.1.1   hostname

Leave those as is.

then on the client do

$>sudo ifconfig

to get the ip address of the client; then log into the server and add
a line in
/etc/hosts with the client's ip address hostname and alias

http://www.faqs.org/docs/securing/chap9sec95.html

Also helps to check /etc/hosts.deny and /etc/hosts.allow to see if you
have blocked yourself somehow, e.g. if you do hosts.deny ALL then
nobody gets in without an entry in hosts.allow

Lots of documentation available on this as it's a security matter,
just google on /etc/hosts and hosts.allow

rd


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ssh issues

2007-07-17 Thread Rob Bochan 
OK, this is a bit crazy. However, after rebooting the machine, ssh is working 
properly.
Go figure.

...Rob

-- 
Security isn't something you download.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ssh issues

2007-07-17 Thread Rob Bochan 
On Tuesday 17 July 2007 10:17:26 am Steve Kemp wrote:
>   The only time I've seen similar issues is when the host had
>  no ssh key in /etc/ssh - the server didn't have them and I had
>  to regenerate them.
>
>   Have you tried searching google for the error message(s) you see
>  when connecting with -v -v -v ?

I have, that's how I came across that other thread, along with a ton of issues 
on OSX. I've tried the solutions mentioned there as well.
I'm a little baffled... I just set up anther machine, and I'm not having the 
issue on that in the least. The config (aside from some different hardware) 
and package selections are identical.

...Rob

-- 
When life gives you a leg, hump it.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ssh issues

2007-07-17 Thread Steve Kemp 

  The only time I've seen similar issues is when the host had
 no ssh key in /etc/ssh - the server didn't have them and I had
 to regenerate them.

  Have you tried searching google for the error message(s) you see
 when connecting with -v -v -v ?

Steve
-- 
http://www.steve.org.uk/


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ssh issues

2007-07-17 Thread Rob Bochan 
On Monday 16 July 2007 08:02:44 pm Casey T. Deccio wrote:
>
> Does /etc/hosts contain a valid entry for your hostname?
>
> Casey

The hosts file for the trouble machine:

- begin hosts --
127.0.0.1   localhost
127.0.1.1   hostname

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
- end hosts -

I'm not sure what the '127.0.1.1' line is for. it's not the IP of the machine, 
which receives it's IP via DHCP served from a Debian (Etch) router/firewall. 
I tried commenting out that line and adding the dynamic IP, but it had the 
same result. 

...Rob 

-- 
Woody Guthrie sang about b-e-e-t-s, not b-e-a-t-s.


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: ssh issues

2007-07-16 Thread Casey T. Deccio 
On Mon, 2007-07-16 at 17:07 -0400, Rob Bochan wrote:
> I'm having some ssh issues issues on a fresh Etch install. I'm unable to ssh 
> into the machine at all. On the client end, with just having removed the 
> user's .ssh directory, what I'm seeing is as follows:

> debug1: An invalid name was supplied
> Cannot determine realm for numeric host address
> 
> debug1: An invalid name was supplied
> A parameter was malformed
> Validation error
> 
> debug1: An invalid name was supplied
> Cannot determine realm for numeric host address
> 
> debug1: An invalid name was supplied
> A parameter was malformed
> Validation error
> 
> 

Does /etc/hosts contain a valid entry for your hostname?

Casey



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

ssh issues

2007-07-16 Thread Rob Bochan 
I'm having some ssh issues issues on a fresh Etch install. I'm unable to ssh 
into the machine at all. On the client end, with just having removed the 
user's .ssh directory, what I'm seeing is as follows:

- begin output -
$ ssh [EMAIL PROTECTED]
The authenticity of host '192.168.1.25 (192.168.1.25)' can't be established.
RSA key fingerprint is a2:7d:a3:75:fa:82:db:ae:38:9f:73:83:b7:02:d5:32.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.25' (RSA) to the list of known hosts.
Connection closed by 192.168.1.25
$ ssh -v [EMAIL PROTECTED]
OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8c 05 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.25 [192.168.1.25] port 22.
debug1: Connection established.
debug1: identity file /home/user/.ssh/identity type -1
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 
Debian-9
debug1: match: OpenSSH_4.3p2 Debian-9 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9
debug1: An invalid name was supplied
Cannot determine realm for numeric host address

debug1: An invalid name was supplied
A parameter was malformed
Validation error

debug1: An invalid name was supplied
Cannot determine realm for numeric host address

debug1: An invalid name was supplied
A parameter was malformed
Validation error

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host '192.168.1.25 (192.168.1.25)' can't be established.
RSA key fingerprint is a2:7d:a3:75:fa:82:db:ae:38:9f:73:83:b7:02:d5:32.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.1.25' (RSA) to the list of known hosts.
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
Connection closed by 192.168.1.25
- end output -

This happens no matter what username I try. It also happens when I try to ssh 
to localhost on the machine in question. I've purged and reinstalled the ssh 
server on the machine, and set the ssh server on the machine to log level 
DEBUG (the rest of the sshd_config is stock), which outputs the following to 
the auth.log, the first line being the tail end of restarting the ssh daemon:

- begin log -
Jul 16 16:29:23 hostname sshd[4222]: debug1: Bind to port 22 on 0.0.0.0.
Jul 16 16:29:32 hostname sshd[4224]: debug1: rexec start in 4 out 4 newsock 4 
pipe 6 sock 7
Jul 16 16:29:32 hostname sshd[4222]: debug1: Forked child 4224.
Jul 16 16:29:32 hostname sshd[4224]: debug1: inetd sockets after dupping: 3, 3
Jul 16 16:29:32 hostname sshd[4224]: Connection from 192.168.1.1 port 3507
Jul 16 16:29:32 hostname sshd[4224]: debug1: Client protocol version 2.0; 
client software version OpenSSH_4.3p2 Debian-9
Jul 16 16:29:32 hostname sshd[4224]: debug1: match: OpenSSH_4.3p2 Debian-9 pat 
OpenSSH*
Jul 16 16:29:32 hostname sshd[4224]: debug1: Enabling compatibility mode for 
protocol 2.0
Jul 16 16:29:32 hostname sshd[4224]: debug1: Local version string 
SSH-2.0-OpenSSH_4.3p2 Debian-9
Jul 16 16:29:34 hostname sshd[4224]: debug1: PAM: initializing for "user"
- log -

It just ends there. 
I am able to ssh and scp out of the machine in question with no problems. The 
machine is pretty bare bones, with nothing but a base install, along with 
apache and ssh.
I did find this thread from earlier this month:
http://lists.debian.org/debian-user/2007/07/thrd2.html#00450
that seems to have some similar issues, but the resolution ultimately had 
nothing to do with my situation.

If anyone could provide some insight as to where I should head with this, I'd 
appreciate it.

...Rob

-- 
This Machine Kills Fascists


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]