Also, you might want to be careful which ssh you downloaded. The version of openssh you describe on openbsd.org and several mirrors was found to be trojaned:
http://online.securityfocus.com/news/560 doug On Thu, 1 Aug 2002, Daniel Brown wrote: > i upgraded openssl and consequently had to recompile openssh, so i > figured i would just compile+install the newest version of it (openssh). > ive done this on 2 of my 3 machines, and now i cannot ssh into them > (have to run telnet for the time being) > > when i attempt to `ssh host` (into a new (3.4p1) sshd), it: > > might complain if ~/.ssh/known_hosts lists a key different than the one > that host is providing (due to recurring reinstallation), and this is > remedied by taking that hosts entry out of the known_hosts file > > prompts for authentication, lets me try 3 times (the default), but wont > authenticate my password. this occurs when trying to login to both > updated hosts with multiple user accounts. my remaining un-updated box > will still allow logins > > ive looked (and am still looking) thru the sshd_config file, and cant > find the DenyUserRegardlessOfPassword option. any insights? > > thanks > > -- > daniel brown > UT CS undergrad > > _______________________________________________ > Siglinux mailing list > [EMAIL PROTECTED] > http://www.utacm.org/mailman/listinfo/siglinux > _______________________________________________ Siglinux mailing list [EMAIL PROTECTED] http://www.utacm.org/mailman/listinfo/siglinux
