EaglePress
asked on
SSH on redhat 6.2 cannot connect
Greeting experts. I have a redhat 6.2 server that I recently had to reinstall the operating system files as a few files were deleted. Seems like most things are up and runnig except for the ssh capability. I have installed the ssh application and it almost works. I say almost because I can connect from another linux server using the command:
ssh server@domain.com
Then I am prompted for a password. When I enter the correct password I get permission denied. I have attempted to create a new user and then connect. No luck either. I can connect using ssh from the 6.2 box to other linux boxes I just canot connect via ssh to the 6.2 box. I am giving good points for this because I need this to work ASAP. Thanks in advance.
Here are the directions that I followed to make/install the app.
http://www.helpdesk.umd.edu/os/linux_redhat_6_2/installation/168/
ssh server@domain.com
Then I am prompted for a password. When I enter the correct password I get permission denied. I have attempted to create a new user and then connect. No luck either. I can connect using ssh from the 6.2 box to other linux boxes I just canot connect via ssh to the 6.2 box. I am giving good points for this because I need this to work ASAP. Thanks in advance.
Here are the directions that I followed to make/install the app.
http://www.helpdesk.umd.edu/os/linux_redhat_6_2/installation/168/
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
/etc/hosts.allow and hosts.deny are files listing the IP address either explicitly allowed or explitchly banned from connecting to your server, but you are not using them so that isn't a problem.
I can't see anything in your sshd debug log.
Can you post the ssh -v -v log from the client?
and your sshd.conf file
Are you using any other user authentification methods other than passwd file (i.e. nis, nis+ or LDAP)?
I can't see anything in your sshd debug log.
Can you post the ssh -v -v log from the client?
and your sshd.conf file
Are you using any other user authentification methods other than passwd file (i.e. nis, nis+ or LDAP)?
ASKER
I did locate sshd.conf...no file found with that name.
As far as I know the only authentication being used is the same as creating a new user and giving the user a password. i.e. regular logon passwords.
This is from the client machine:
[jhawley@atlantis jhawley]$ ssh -v -v eagle.eaglepress.net
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 501 geteuid 0 anon 1
debug1: Connecting to eagle.eaglepress.net [10.10.0.5] port 22.
debug1: temporarily_use_uid: 501/501 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/501 (e=0)
ssh: connect to address 10.10.0.5 port 22: Connection refused
debug1: restore_uid
debug1: Connecting to eagle.eaglepress.net [65.196.69.69] port 22.
debug1: temporarily_use_uid: 501/501 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/501 (e=0)
ssh: connect to address 65.196.69.69 port 22: Connection refused
debug1: restore_uid
As far as I know the only authentication being used is the same as creating a new user and giving the user a password. i.e. regular logon passwords.
This is from the client machine:
[jhawley@atlantis jhawley]$ ssh -v -v eagle.eaglepress.net
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 501 geteuid 0 anon 1
debug1: Connecting to eagle.eaglepress.net [10.10.0.5] port 22.
debug1: temporarily_use_uid: 501/501 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/501 (e=0)
ssh: connect to address 10.10.0.5 port 22: Connection refused
debug1: restore_uid
debug1: Connecting to eagle.eaglepress.net [65.196.69.69] port 22.
debug1: temporarily_use_uid: 501/501 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 501/501 (e=0)
ssh: connect to address 65.196.69.69 port 22: Connection refused
debug1: restore_uid
You have to restart sshd (running it in debug mode kills it after each logout).
Typo config file should be sshd_config
it could be in /etc or /usr/local/etc
Typo config file should be sshd_config
it could be in /etc or /usr/local/etc
ASKER
found it in /etc/ssh
[root@eagle ssh]# vi sshd_config
# $OpenBSD: sshd_config,v 1.48 2002/02/19 02:50:59 deraadt Exp $
# This is the sshd server system-wide configuration file. See sshd(8)
# for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sb
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 600
#PermitRootLogin yes
#StrictModes yes
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthenti
# Kerberos options
# KerberosAuthentication automatically enabled if keyfile exists
#KerberosAuthentication yes
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# AFSTokenPassing automatically enabled if k_hasafs() is true
#AFSTokenPassing yes
# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no
# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdIn
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-
END OF FILE
[root@eagle ssh]# vi sshd_config
# $OpenBSD: sshd_config,v 1.48 2002/02/19 02:50:59 deraadt Exp $
# This is the sshd server system-wide configuration file. See sshd(8)
# for more information.
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sb
# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.
#Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 3600
#ServerKeyBits 768
# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
SyslogFacility AUTHPRIV
#LogLevel INFO
# Authentication:
#LoginGraceTime 600
#PermitRootLogin yes
#StrictModes yes
#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys
# rhosts authentication should not be used
#RhostsAuthentication no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no
# Change to no to disable s/key passwords
#ChallengeResponseAuthenti
# Kerberos options
# KerberosAuthentication automatically enabled if keyfile exists
#KerberosAuthentication yes
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
# AFSTokenPassing automatically enabled if k_hasafs() is true
#AFSTokenPassing yes
# Kerberos TGT Passing only works with the AFS kaserver
#KerberosTgtPassing no
# Set this to 'yes' to enable PAM keyboard-interactive authentication
# Warning: enabling this may bypass the setting of 'PasswordAuthentication'
#PAMAuthenticationViaKbdIn
#X11Forwarding no
X11Forwarding yes
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#MaxStartups 10
# no default banner path
#Banner /some/path
#VerifyReverseMapping no
# override default of no subsystems
Subsystem sftp /usr/libexec/openssh/sftp-
END OF FILE
I'd uncomment (i.e get rid of the#) in this line
#PasswordAuthentication yes
#PasswordAuthentication yes
ASKER
I uncommeted as you suggested. Still receiving the same message "permission denied".
How about trying to log in locally. Make sure you're sshd is running on the server (with the -d -d option) then in another window on the same server type ssh -v -v 0, this should connect you to the local sshd server.
Post both the ssh & the sshd logs and I'll have a look
Post both the ssh & the sshd logs and I'll have a look
ASKER
server posting:
[root@eagle ssh]# /usr/local/sbin/sshd -d -d
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.9p2
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
socket: Invalid argument
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 127.0.0.1 port 1813
debug1: Client protocol version 2.0; client software version OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_2.9p2
debug1: Rhosts Authentication disabled, originating port not trusted.
debug1: list_hostkey_types: ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUES
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 128/256
debug1: bits set: 1072/2049
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1039/2049
debug1: sig size 20 20
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user jhawley service ssh-connection method none
debug1: attempt 0 failures 0
debug2: input_userauth_request: setting up authctxt for jhawley
debug2: input_userauth_request: try method none
Failed none for jhawley from 127.0.0.1 port 1813 ssh2
debug1: userauth-request for user jhawley service ssh-connection method password
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method password
Failed password for jhawley from 127.0.0.1 port 1813 ssh2
[root@eagle ssh]# /usr/local/sbin/sshd -d -d
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.9p2
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
socket: Invalid argument
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 127.0.0.1 port 1813
debug1: Client protocol version 2.0; client software version OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_2.9p2
debug1: Rhosts Authentication disabled, originating port not trusted.
debug1: list_hostkey_types: ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUES
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 128/256
debug1: bits set: 1072/2049
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1039/2049
debug1: sig size 20 20
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user jhawley service ssh-connection method none
debug1: attempt 0 failures 0
debug2: input_userauth_request: setting up authctxt for jhawley
debug2: input_userauth_request: try method none
Failed none for jhawley from 127.0.0.1 port 1813 ssh2
debug1: userauth-request for user jhawley service ssh-connection method password
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method password
Failed password for jhawley from 127.0.0.1 port 1813 ssh2
ASKER
trying to connect locally posting:
[jhawley@eagle jhawley]$ ssh -v -v 0
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 507 geteuid 0 anon 1
debug1: Connecting to 0 [0.0.0.0] port 22.
debug1: temporarily_use_uid: 507/509 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 507/509 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/jhawley/.ssh/identit
debug1: identity file /home/jhawley/.ssh/id_rsa type -1
debug1: identity file /home/jhawley/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUES
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 129/256
debug1: bits set: 1039/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '0' is known and matches the DSA host key.
debug1: Found key in /home/jhawley/.ssh/known_h
debug1: bits set: 1072/2049
debug1: len 55 datafellows 0
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboar
debug1: next auth method to try is publickey
debug1: try privkey: /home/jhawley/.ssh/id_rsa
debug1: try privkey: /home/jhawley/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: next auth method to try is password
jhawley@0's password:
debug2: packet_inject_ignore: current 60
debug2: packet_inject_ignore: block 16 have 4 nb 4 mini 1 need 4
debug2: we sent a password packet, wait for reply
debug1: authentications that can continue: publickey,password,keyboar
Permission denied, please try again.
[jhawley@eagle jhawley]$ ssh -v -v 0
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 507 geteuid 0 anon 1
debug1: Connecting to 0 [0.0.0.0] port 22.
debug1: temporarily_use_uid: 507/509 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 507/509 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/jhawley/.ssh/identit
debug1: identity file /home/jhawley/.ssh/id_rsa type -1
debug1: identity file /home/jhawley/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUES
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 129/256
debug1: bits set: 1039/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host '0' is known and matches the DSA host key.
debug1: Found key in /home/jhawley/.ssh/known_h
debug1: bits set: 1072/2049
debug1: len 55 datafellows 0
debug1: ssh_dss_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboar
debug1: next auth method to try is publickey
debug1: try privkey: /home/jhawley/.ssh/id_rsa
debug1: try privkey: /home/jhawley/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: next auth method to try is password
jhawley@0's password:
debug2: packet_inject_ignore: current 60
debug2: packet_inject_ignore: block 16 have 4 nb 4 mini 1 need 4
debug2: we sent a password packet, wait for reply
debug1: authentications that can continue: publickey,password,keyboar
Permission denied, please try again.
Comparing your sshd_config to mine (OpenSSH_3.7.1p2 on Solaris)
I've got
HostKey /usr/local/etc/ssh_host_rs
HostKey /usr/local/etc/ssh_host_ds
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 600
PermitRootLogin no
StrictModes yes
PubkeyAuthentication yes
PrintMotd yes
KeepAlive yes
UseLogin no
UsePrivilegeSeparation yes
Compression no
You might want to set yours the same and see if it works. ALso if you can enable telnet and see whether it is a general remote authentification error, or just ssh.
I'm off home now, so don't expect a response from me for a couple of hours
Good luck ;-)
I've got
HostKey /usr/local/etc/ssh_host_rs
HostKey /usr/local/etc/ssh_host_ds
SyslogFacility AUTH
LogLevel INFO
LoginGraceTime 600
PermitRootLogin no
StrictModes yes
PubkeyAuthentication yes
PrintMotd yes
KeepAlive yes
UseLogin no
UsePrivilegeSeparation yes
Compression no
You might want to set yours the same and see if it works. ALso if you can enable telnet and see whether it is a general remote authentification error, or just ssh.
I'm off home now, so don't expect a response from me for a couple of hours
Good luck ;-)
ASKER
I figured it out. I went back and re-compiled from scratch. (refer to:)
http://www.helpdesk.umd.edu/os/linux_redhat_6_2/installation/168/
but i added:
--with-md5-passwords
to the ./configure script.
It works now. I will still give you the points. Thanks for your help.
http://www.helpdesk.umd.edu/os/linux_redhat_6_2/installation/168/
but i added:
--with-md5-passwords
to the ./configure script.
It works now. I will still give you the points. Thanks for your help.
Thanks
Hi Eagle,
i proposed this thing a long time back on this thread.
https://www.experts-exchange.com/questions/20804384/SSH-on-redhat-6-2.html
anyway good to know u got this working.
-Shiv
i proposed this thing a long time back on this thread.
https://www.experts-exchange.com/questions/20804384/SSH-on-redhat-6-2.html
anyway good to know u got this working.
-Shiv
ASKER
Shiv.
You sure did. I was a bit confused and did not realize the solution was right in front of me a week ago when I was posting to the other section. Sorry! I went back to the original posting and gave you the points for that as well. It is only fair. Thanks.
You sure did. I was a bit confused and did not realize the solution was right in front of me a week ago when I was posting to the other section. Sorry! I went back to the original posting and gave you the points for that as well. It is only fair. Thanks.
ASKER
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
Basically the same in the /etc/hosts.deny file. I am not really sure what should be in these files?????
here is the output from sshd -d -d
Again, I am not sure what should be here. Any help is appreciated.
STARTS HERE
[root@eagle /etc]# /usr/local/sbin/sshd -d -d
debug1: Seeding random number generator
debug1: sshd version OpenSSH_2.9p2
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type DSA
debug1: private host key: #1 type 2 DSA
socket: Invalid argument
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 10.10.0.4 port 48280
debug1: Client protocol version 2.0; client software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-OpenSSH_2.9p2
debug1: Rhosts Authentication disabled, originating port not trusted.
debug1: list_hostkey_types: ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group-excha
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfi
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ri
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUES
debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
debug1: dh_gen_key: priv key bits set: 132/256
debug1: bits set: 984/2049
debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
debug1: bits set: 1075/2049
debug1: sig size 20 20
debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: KEX done
debug1: userauth-request for user jhawley service ssh-connection method none
debug1: attempt 0 failures 0
debug2: input_userauth_request: setting up authctxt for jhawley
debug2: input_userauth_request: try method none
Failed none for jhawley from 10.10.0.4 port 48280 ssh2
debug1: userauth-request for user jhawley service ssh-connection method keyboard-interactive
debug1: attempt 1 failures 1
debug2: input_userauth_request: try method keyboard-interactive
debug1: keyboard-interactive language devs
Failed keyboard-interactive for jhawley from 10.10.0.4 port 48280 ssh2
debug1: userauth-request for user jhawley service ssh-connection method password
debug1: attempt 2 failures 2
debug2: input_userauth_request: try method password
Failed password for jhawley from 10.10.0.4 port 48280 ssh2
ENDS HERE