Hello, I have set up sshd to authenticate via pam_opie. When logging in with a secure shell the challenge is only displayed AFTER successfull authentication (challenge manually picked from opiekeys-file). I'm using OpenSSH 2.3.0p1 and have "KbdInteractiveAuthentication yes" set in server and client config. any ideas ?? thanks in advance bjoern "# ssh -2 192.168.1.61 -v" shows the following SSH Version OpenSSH_2.3.0p1, protocol versions 1.5/2.0. Compiled with SSL (0x0090581f). debug: Reading configuration data /etc/ssh/ssh_config debug: Applying options for * debug: ssh_connect: getuid 0 geteuid 0 anon 0 debug: Connecting to 192.168.1.61 [192.168.1.61] port 22. debug: Seeding random number generator debug: Allocated local port 963. debug: Connection established. debug: Remote protocol version 1.99, remote software version OpenSSH_2.3.0p1 debug: no match: OpenSSH_2.3.0p1 Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.3.0p1 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cb c,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@ly sator. liu.se debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes128-cbc,aes192-cb c,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc@ly sator. liu.se debug: got kexinit: hmac-sha1,hmac-md5,[EMAIL PROTECTED] debug: got kexinit: hmac-sha1,hmac-md5,[EMAIL PROTECTED] debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 0 debug: reserved: 0 debug: done debug: kex: server->client 3des-cbc hmac-sha1 none debug: kex: client->server 3des-cbc hmac-sha1 none debug: Sending SSH2_MSG_KEX_DH_GEX_REQUEST. debug: Wait SSH2_MSG_KEX_DH_GEX_GROUP. debug: Got SSH2_MSG_KEX_DH_GEX_GROUP. debug: bits set: 485/1024 debug: Sending SSH2_MSG_KEX_DH_GEX_INIT. debug: Wait SSH2_MSG_KEX_DH_GEX_REPLY. debug: Got SSH2_MSG_KEXDH_REPLY. debug: Host '192.168.1.61' is known and matches the DSA host key. debug: bits set: 534/1024 debug: len 55 datafellows 0 debug: dsa_verify: signature correct debug: Wait SSH2_MSG_NEWKEYS. debug: GOT SSH2_MSG_NEWKEYS. debug: send SSH2_MSG_NEWKEYS. debug: done: send SSH2_MSG_NEWKEYS. debug: done: KEX2. debug: send SSH2_MSG_SERVICE_REQUEST debug: service_accept: ssh-userauth debug: got SSH2_MSG_SERVICE_ACCEPT debug: authentications that can continue: publickey,keyboard-interactive,password debug: next auth method to try is publickey debug: key does not exist: /root/.ssh/id_dsa debug: next auth method to try is keyboard-interactive debug: authentications that can continue: publickey,keyboard-interactive,password debug: next auth method to try is keyboard-interactive debug: authentications that can continue: publickey,keyboard-interactive,password debug: next auth method to try is keyboard-interactive debug: authentications that can continue: publickey,keyboard-interactive,password debug: next auth method to try is keyboard-interactive debug: next auth method to try is password [EMAIL PROTECTED]'s password:
