hostbased authentication

Michael Bruns Mon, 27 Aug 2001 02:45:52 -0700

Hello,

i have problems to activate hostbased authentication for
the ssh version 3.0.1 compiled from source on Solaris 2.6.
I have read all the FAQ's about setting up hostbased
authentication and so the ssh2_config and sshd2_config
contains the hostbased option for the AllowedAuthentications
keyword. There is also the right DefaultDomain configured
and there is also a correct /etc/shosts.equiv.

The server offers auth methods 'hostbased,publickey,password'
but the client debug states:

debug: Ssh2AuthClient/sshauthc.c:316: Method 'hostbased' disabled.

Any hints are welcome.
Greetings,
M.Bruns

PS: I don't see that the ssh server/client accesses the pub keys in the
    /etc/ssh2/knownhosts directory (e.g. xxx.mpae.gwdg.de.ssh-dss.pub)
    it uses the ones i saved in the /etc/ssh2/hostkeys directory (e.g.
    key_22_xxx.pub).
    
--

Michael Bruns
Max-Planck-Institut fuer Aeronomie
Max-Planck-Strasse 2
37191 Katlenburg-Lindau (Germany)

debug: SshAppCommon/sshappcommon.c:154: Allocating global SshRegex context.
debug: SshConfig/sshconfig.c:2268: Configuration file version 1.1.
debug: SshConfig/sshconfig.c:2291: Metaconfig specifies regex style 'EGREP'.
debug: SshConfig/sshconfig.c:2357: Found heading '.*:'.
debug: SshConfig/sshconfig.c:2184: Unable to open /home/xxx/.ssh2/ssh2_config
debug: Ssh2/ssh2.c:1396: remote host = "consun2"
debug: Connecting to consun2, port 22...
debug: Ssh2Client/sshclient.c:1330: Creating transport protocol.
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: none, key_len: 16.
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: none, key_len: 16.
debug: SshAuthMethodClient/sshauthmethodc.c:137: Added "hostbased" to usable methods.
debug: Ssh2Client/sshclient.c:1362: Creating userauth protocol.
debug: client supports 1 auth methods: 'hostbased'
debug: Ssh2Common/sshcommon.c:496: local ip = 134.76.237.10, local port = 65227
debug: Ssh2Common/sshcommon.c:498: remote ip = 134.76.237.10, remote port = 22
debug: Ssh2Common/sshcommon.c:369: remote hostname is "134.76.237.10".
debug: SshConnection/sshconn.c:1889: Wrapping...
debug: Ssh2/ssh2.c:1956: Entering event loop.
debug: Remote version: SSH-1.99-3.0.1 SSH Secure Shell (non-commercial)
debug: Major: 3 Minor: 0 Revision: 1
debug: SshProtoTrKex/trkex.c:457: Making first key exchange packet.
debug: Ssh2Transport/trcommon.c:1528: Computing algorithms from key exchange.
debug: Ssh2Transport/trcommon.c:1717: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1783: c_to_s: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: Ssh2Transport/trcommon.c:1786: s_to_c: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: SshProtoTrKex/trkex.c:457: Making first key exchange packet.
debug: SshKeyFile/sshkeyfile.c:353: file /home/xxx/.ssh2/hostkeys/key_22_consun2.pub 
does not exist.
debug: Remote host key found from database.
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: aes128-cbc, key_len: 
16.
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: aes128-cbc, key_len: 
16.
debug: Ssh2Common/sshcommon.c:291: Received SSH_CROSS_STARTUP packet from connection 
protocol.
debug: Ssh2Common/sshcommon.c:341: Received SSH_CROSS_ALGORITHMS packet from 
connection protocol.
debug: server offers auth methods 'hostbased,publickey,password'.
debug: SshConfig/sshconfig.c:2268: Configuration file version 1.1.
debug: SshConfig/sshconfig.c:2291: Metaconfig specifies regex style 'EGREP'.
debug: SshHostKeyIO/sshhostkeyio.c:220: Host key algorithms: ssh-dss
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:672: Child: Execing 
ssh-signer...(path: /opt/this/bin/ssh-signer2)
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:116: Trying "hostbased" 
authentication with `ssh-dss' key.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:290: Sending packet...
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:390: ssh-signer returned 
SSH_AUTH_HOSTBASED_SIGNATURE
debug: server offers auth methods 'hostbased,publickey,password'.
debug: Ssh2AuthClient/sshauthc.c:316: Method 'hostbased' disabled.
debug: Ssh2AuthHostBasedClient/authc-hostbased.c:91: No more keys to try.
debug: ssh_pipe_stream_destroy
debug: ssh_sigchld_real_callback
debug: ssh_sigchld_process_pid: no handler for pid 14451 code 0
debug: server offers auth methods 'hostbased,publickey,password'.
debug: Ssh2Common/sshcommon.c:137: DISCONNECT received: No further authentication 
methods available.
warning: Authentication failed.
debug: Ssh2/ssh2.c:117: locally_generated = TRUE
Disconnected; no more authentication methods available (No further authentication 
methods available.).
debug: Ssh2Client/sshclient.c:1395: Destroying client.
debug: SshConnection/sshconn.c:1937: Destroying SshConn object.
debug: Ssh2Transport/trcommon.c:532: Destroying SshTransportCommon object.
debug: SshAuthMethodClient/sshauthmethodc.c:155: Calling notification callback.
debug: Ssh2Client/sshclient.c:1448: Destroying client completed.
debug: SshAuthMethodClient/sshauthmethodc.c:162: Destroying authentication method 
array.
debug: SshEventLoop/sshunixeloop.c:769: Reissuing signal for which callback was not 
yet delivered.

debug: SshAppCommon/sshappcommon.c:154: Allocating global SshRegex context.
debug: SshConfig/sshconfig.c:2268: Configuration file version 1.1.
debug: SshConfig/sshconfig.c:2291: Metaconfig specifies regex style 'EGREP'.
sshd2: SSH Secure Shell 3.0.1 (non-commercial version) on sparc-sun-solaris2.6
debug: SshHostKeyIO/sshhostkeyio.c:220: Host key algorithms: ssh-dss
debug: Becoming server.
debug: Creating listener
debug: Listener created
debug: no udp listener created.
debug: Running event loop
debug: Sshd2/sshd2.c:1062: new_connection_callback
debug: Sshd2/sshd2.c:1214: Wrapping stream with ssh_server_wrap...
debug: ssh_server_wrap: creating transport protocol
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: none, key_len: 16.
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: none, key_len: 16.
debug: SshAuthMethodServer/sshauthmethods.c:118: Added "hostbased" to usable methods.
debug: SshAuthMethodServer/sshauthmethods.c:118: Added "publickey" to usable methods.
debug: SshAuthMethodServer/sshauthmethods.c:118: Added "password" to usable methods.
debug: SshAuthMethodServer/sshauthmethods.c:133: Added "[EMAIL PROTECTED]" to usable 
methods.
debug: ssh_server_wrap: creating userauth protocol
debug: Ssh2Common/sshcommon.c:496: local ip = 134.76.237.10, local port = 22
debug: Ssh2Common/sshcommon.c:498: remote ip = 134.76.237.10, remote port = 65227
debug: Ssh2Common/sshcommon.c:369: remote hostname is "consun2.mpae.gwdg.de".
debug: SshConnection/sshconn.c:1889: Wrapping...
debug: Sshd2/sshd2.c:1232: done.
debug: new_connection_callback returning
debug: Remote version: SSH-1.99-3.0.1 SSH Secure Shell (non-commercial)
debug: Major: 3 Minor: 0 Revision: 1
debug: Ssh2Transport/trcommon.c:1528: Computing algorithms from key exchange.
debug: Ssh2Transport/trcommon.c:1717: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1783: c_to_s: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: Ssh2Transport/trcommon.c:1786: s_to_c: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: aes128-cbc, key_len: 
16.
debug: Ssh2Transport/trcommon.c:2335: Allocating cipher: name: aes128-cbc, key_len: 
16.
debug: Sshd2/sshd2.c:593: user 'xxx' service 'ssh-connection' client_ip 
'134.76.237.10' client_port '65227' completed ''
debug: Sshd2/sshd2.c:901: output: hostbased,publickey,password
debug: Ssh2AuthHostBasedRhosts/auths-hostbased-rhosts.c:370: hostbased-authentication 
(rhosts) refused: client user 'xxx', server user 'xxx', client host 
'consun2.mpae.gwdg.de'.
debug: ssh_sigchld_real_callback
debug: Ssh2Transport/trcommon.c:991: Disconnecting: reason code: 14 message: 'No 
further authentication methods available.'
debug: Ssh2Common/sshcommon.c:137: DISCONNECT received: No further authentication 
methods available.
debug: Sshd2/sshd2.c:184: locally_generated = FALSE
debug: SshServer/sshserver.c:187: Destroying server.
debug: SshConnection/sshconn.c:1937: Destroying SshConn object.
debug: SshAuthMethodServer/sshauthmethods.c:150: Calling notification callback.
debug: SshServer/sshserver.c:209: Destroying server completed.
debug: SshAuthMethodServer/sshauthmethods.c:157: Destroying authentication method 
array.
debug: Ssh2Transport/trcommon.c:532: Destroying SshTransportCommon object.
debug: Exiting event loop
debug: SshAppCommon/sshappcommon.c:168: Freeing global SshRegex context.

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

hostbased authentication

Reply via email to