dziwny problem z ssh

hubert depesz lubaczewski depesz w depesz.pl
Wto, 19 Cze 2001, 23:24:07 CEST


hej
mam dziwny problem z ssh
jest sobie maszynka : polpot. na niej konto depesz ma klucz ssh. ten klucz
(identity.pub) jest na dwoch kontach na innej maszynce (neron) - konta:
depesz i root.
i o ile z depesz w polpot na depesz w neron wchodze bez hasla, o tyle z
depesz w polpot na root w neron juz nie.
ustawienia:
$ cat /etc/ssh/sshd_config | grep -v -E ^#

Port 22
Protocol 1
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
IgnoreRhosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes

SyslogFacility AUTH
LogLevel INFO

RhostsAuthentication no
RhostsRSAAuthentication no
RSAAuthentication yes

PasswordAuthentication yes
PermitEmptyPasswords no



CheckMail no
UseLogin no

(root w neron[pts/4]) 23:22:16 [~]
$ cat /etc/pam.d/sshd                     
#%PAM-1.0
auth            required        /lib/security/pam_listfile.so item=user
sense=deny file=/etc/security/blacklist onerr=succeed
auth            required        /lib/security/pam_listfile.so item=user
sense=deny file=/etc/security/blacklist.sshd onerr=succeed
auth            required        /lib/security/pam_unix.so
auth            required        /lib/security/pam_tally.so
file=/var/log/faillog onerr=succeed no_magic_root
auth            required        /lib/security/pam_shells.so
auth            required        /lib/security/pam_nologin.so
account         required        /lib/security/pam_tally.so deny=0
file=/var/log/faillog onerr=succeed no_magic_root
account         required        /lib/security/pam_access.so
account         required        /lib/security/pam_unix.so
password        required        /lib/security/pam_cracklib.so difok=2
minlen=8 dcredit=2 ocredit=2 retry=3
password        required        /lib/security/pam_unix.so md5 shadow
use_authtok
password        required        /lib/security/pam_make.so /var/db
session         required        /lib/security/pam_unix.so
session         required        /lib/security/pam_env.so
session         required        /lib/security/pam_limits.so change_uid
session         optional        /lib/security/pam_mail.so

$ cat /etc/ssh/ssh_config | grep -v -E ^#




Host *
        ForwardAgent no
        ForwardX11 no
        FallBackToRsh no
        StrictHostKeyChecking no
        Protocol 1
(depesz w polpot[pts/13]) 00:30:22 [~]
$ ssh -v root w neron
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 500 anon 1
debug1: Connecting to neron [192.168.0.1] port 22.
debug1: temporarily_use_uid: 500/1000 (e=500)
debug1: restore_uid
debug1: temporarily_use_uid: 500/1000 (e=500)
debug1: restore_uid
debug1: Connection established.
debug1: identity file /home/users/depesz/.ssh/identity type 0
debug1: Remote protocol version 1.5, remote software version OpenSSH_2.9p2
debug1: match: OpenSSH_2.9p2 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'neron' is known and matches the RSA1 host key.
debug1: Found key in /home/users/depesz/.ssh/known_hosts:2
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying RSA authentication with key 'depesz w polpot'
debug1: Received RSA challenge from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: RSA authentication accepted.
debug1: RSA authentication refused.
debug1: Doing password authentication.
root w neron's password: 

ktos ma jakis pomysl?

depesz

-- 
hubert depesz lubaczewski                          http://www.depesz.pl/
------------------------------------------------------------------------
     najwspanialszą rzeczą jaką dało nam nowoczesne społeczeństwo,
      jest niesamowita wręcz łatwość unikania kontaktów z nim ...



Więcej informacji o liście dyskusyjnej pld-users-pl