Im am testing SSH-2.0.13 on Solaris 2.6. I am trying to get hostbased
authentication to work.
I have created a $HOME/.rhosts, $HOME/.shosts a /etc/hosts.equiv, and
/etc/shosts.equiv. each of these files say:
"myhost.mydomain"
then in /etc/ssh2/knownhosts I put the public key of myhost in it.
it has the title key.22_myhost.pub
then I set the SUID bit on ssh-sig ner2
r-s--x--x /usr/local/sbin/ssh-signer2
When I use ssh. it hangs while trying to use ssh-signer2.
Please help and post a solution on the mailing archive.
many thanks.
this is the output I got from run try to log into my own machine from my
own machine.
myhost% ~ > ssh -v myhost
debug: hostname is 'myhost'.
debug: Unable to open $HOME/.ssh2/ssh2_config
debug: connecting to myhost...
debug: ssh_client_wrap: creating transport protocol
debug: ssh_client_wrap: creating userauth protocol
debug: entering event loop
debug: Ssh2Transport/trcommon.c:592/ssh_tr_input_version: Remote version:
SSH-2.
0-2.0.13 (non-commercial)
debug: Host key found from the database.
debug: Ssh2Common/sshcommon.c:155/ssh_common_special: special packet
received fr
om connection protocol: 3
debug: Ssh2Common/sshcommon.c:155/ssh_common_special: special packet
received fr
om connection protocol: 4
debug:
Ssh2AuthHostBasedClient/authc-hostbased.c:329/ssh_client_auth_hostbased:
Child: Execing ssh-signer...(path: /usr/local/bin/ssh-signer2)
This is my ssh2_config file.
# ssh2_config
# SSH 2.0 Client Configuration File
*:
Port 22
Ciphers AnyStdCipher
IdentityFile identification
AuthorizationFile authorization
RandomSeedFile random_seed
VerboseMode no
#PasswordPrompt "%U@%H's password: "
PasswordPrompt "%U's password: "
#LocalForward "110:pop3.ssh.fi:110"
#RemoteForward "3000:foobar:22"
Ssh1AgentCompatibility none
#Ssh1AgentCompatibility traditional
#Ssh1AgentCompatibility ssh2
SshSignerPath /usr/local/bin/ssh-signer2
NoDelay no
KeepAlive yes
this is my sshd2_config file
sshd2_config
# SSH 2.0 Server Configuration File
*:
Port 22
ListenAddress 0.0.0.0
Ciphers AnyStd
# Ciphers AnyCipher
# Ciphers AnyStdCipher
# Ciphers 3des
IdentityFile identification
AuthorizationFile authorization
HostKeyFile hostkey
PublicHostKeyFile hostkey.pub
RandomSeedFile random_seed
ForwardAgent yes
ForwardX11 yes
# DEPRECATED PasswordAuthentication yes
PasswordGuesses 3
# MaxConnections 50
# 0 == number of connections not limited
MaxConnections 0
# PermitRootLogin nopwd
PermitRootLogin yes
# DEPRECATED PubkeyAuthentication yes
# AllowedAuthentications publickey,password,hostbased
AllowedAuthentications hostbased
# RequiredAuthentications publickey,password
ForcePTTYAllocation no
VerboseMode no
PrintMotd yes
CheckMail yes
UserConfigDirectory "%D/.ssh2"
# UserConfigDirectory "/etc/ssh2/auth/%U"
SyslogFacility AUTH
# SyslogFacility LOCAL7
Ssh1Compatibility yes
# Sshd1Path <set by configure>
# AllowHosts localhost, foobar.com,
friendly.org
# DenyHosts evil.org, aol.com
# AllowSHosts trusted.host.org
# DenySHosts not.quite.trusted.org
# NoDelay yes
# KeepAlive yes
RequireReverseMapping yes
UserKnownHosts yes
# subsystem definitions
subsystem-sftp sftp-server
