[ale] ssh help?

Nomad the Wanderer nomad at orci.com
Mon Jan 18 00:00:39 EST 1999 

Thus spake Mike Kachline (kachline at cc.gatech.edu):

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> On Sun, 17 Jan 1999, Nomad the Wanderer wrote:
> >I did all this.  I can ssh from remote to local and use the RSA,
> >but I still can't go from local to remote.
> <snip>
> 	Hmm. What does "ssh -v remote.box" tell you, and is sshd running on
> remote.box?
> 

This is neat..  It refuses the authentication.  Any ideas why?

{0}:dogbert:/home/nomad>ssh -v dudley
SSH Version 1.2.26 [i686-unknown-linux], protocol version 1.5.
Standard version.  Does not use RSAREF.
dogbert: Reading configuration data /etc/ssh_config
dogbert: ssh_connect: getuid 1000 geteuid 0 anon 0
dogbert: Connecting to dudley [206.168.154.1] port 22.
dogbert: Allocated local port 1023.
dogbert: Connection established.
dogbert: Remote protocol version 1.5, remote software version 1.2.22
dogbert: Waiting for server public key.
dogbert: Received server public key (768 bits) and host key (1024 bits).
dogbert: Host 'dudley' is known and matches the host key.
dogbert: Initializing random; seed file /home/nomad/.ssh/random_seed
dogbert: Encryption type: idea
dogbert: Sent encrypted session key.
dogbert: Installing crc compensation attack detector.
dogbert: Received encrypted confirmation.
dogbert: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
dogbert: Remote: Rhosts/hosts.equiv authentication refused: client user 'nomad', server user 'nomad', client host 'dogbert.rnd-consulting.com'.
dogbert: Server refused our rhosts authentication or host key.
dogbert: No agent.
dogbert: Trying RSA authentication with key 'nomad at dogbert.rnd-consulting.com'
dogbert: Remote: Bad file modes for /usr/shell/n/nomad/.ssh/authorized_keys
dogbert: Server refused our key.
dogbert: Doing password authentication.
nomad at dudley's password: 

> 
> 
> >  I want it to require the RSA, or nothing.  If the user hasn't
> >set up RSA, there is no connection allowed.  It's for a box that is to
> >be EXTREMELY secured, and only 3 users so it'll be controlable.
> <snip>
> 	Here is where things get a bit hazy on my end, but from reading through
> the man pages, I suspect what you need to do is add the lines:
> 
> 	RHostsAuthentication No
> 	RHostsRSAAuthentication No
> 	RSAAuthentication Yes
> 
> 	to your /etc/sshd_config on remote.host.

Ok, I've got these set.  Problem is probably going to continue until I figure
out the first problem.

Robert

More information about the Ale mailing list