You need to setup pam.d to allow login roles. There should be a file in
the distro of SSH with a file called ssh in a folder called pam. Move
that file to /etc/pam.d and you should be good to go.
Ben Ricker
Senior Systems Administrator
US-Rx, Inc.
Thomas Deliduka wrote:
> It's possible I am.
>
> I'm running redhat 6.1 I have openssh-2.3.0 installed in /usr/local/openssh
> and it is running. I run it with this command:
>
> /usr/local/openssh/sbin/sshd -b 1024 -h /usr/local/openssh/etc/ssh_host_key
> -g 180
>
> When I try to connect to it with my client, it asks for my password for the
> username. I put in that password and it fails.
>
> I read the manual about what files to put where. I re-read it after sending
> my first message and it says the authorized_keys should have a copy of the
> identity.pub file. Well, I'll quote it... At this location:
>
> http://www.openbsd.org/cgi-bin/man.cgi?query=ssh#F%3c%2fB%3e%3cB%3eI%3c%2fB%
> 3e%3cB%3eL%3c%2fB%3e%3cB%3eE%3c%2fB%3e%3cB%3eS
> (I know, long url, it's encoded)
>
> It says here:
>
> $HOME/.ssh/identity.pub, $HOME/.ssh/id_dsa.pub
> Contains the public key for authentication (public part of the identity file
> in human-readable form). The contents of the $HOME/.ssh/identity.pub file
> should be added to $HOME/.ssh/authorized_keys on all machines where you wish
> to log in using RSA authentication. The contents of the
> $HOME/.ssh/id_dsa.pub file should be added to $HOME/.ssh/authorized_keys2 on
> all machines where you wish to log in using DSA authentication. These files
> are not sensitive and can (but need not) be readable by anyone. These files
> are never used automatically and are not necessary; they is only provided
> for the convenience of the user.
>
> And under authorized_keys it says:
>
> $HOME/.ssh/authorized_keys
> Lists the RSA keys that can be used for logging in as this user. The format
> of this file is described in the sshd(8) manual page. In the simplest form
> the format is the same as the .pub identity files (that is, each line
> contains the number of bits in modulus, public exponent, modulus, and
> comment fields, separated by spaces). This file is not highly sensitive,
> but the recommended permissions are read/write for the user, and not
> accessible by others.
>
> My identity.pub file looks like this:
>
> ---- BEGIN SSH2 PUBLIC KEY ----
> Comment: "1024-bit rsa"
> AAAAB3NzaC1yc2EAAACBAMgWU7Ndd/wRMWxVmzdPYBGjcvZGullbOhWCOO/qLovqstXnBZ
> x6qlwaV0tOh8e/R38vL+jiUXiffoyg2ytHAj5P8+JimA51SlwHuVr0zHOVz1lGJ2cAVnXh
> +jbGW6PLTwcp7w/yRrvCaR7QyeS3qTAfKD8D5D0mq+zj7B4XkC5BAAAABBQuUJk=
> ---- END SSH2 PUBLIC KEY ----
>
> Nothing like what it describes there or what it describes in the sshd(8) man
> file.
>
> In fact, the sshd(8) man says that the key will start with a number whereas
> mine starts with a letter which, in it's description, means that it's the
> beginning of the comment section of that line. This may very well be the
> root of my problem but I don't know how to get my public key into the format
> called for by the authorized_keys file.
>
> When I turn debug on the server, it definitely fails when trying my RSA key
> authentication.
>
> On 1/29/01 11:06 PM this was written:
>
>> You are most likely making this too hard. Since you did not say what linux
>> distro you are using I cannot be too specific. However I will assume you
>> want to ssh from the mac into the linux box. In order to do this you need
>> to have an ssh server running on the linux box. The packages that I am used
>> to (eg: redhat) have an open-ssh, open-ssh-client and open-ssh-server.
>> I install all 3 and make sure the server is running. At that point it
>> just works. You can then read the manual or for that matter last months
>> and this months Linux Journal and find out other cool things todo with it.
>> For the inital setup you do NOT need to put anything in .ssh. The packages
>> will usually populate them for you.
>
