From: Alexander H. <ale...@gm...> - 2009-03-30 13:51:50
|
Paul Fons wrote: > A few weeks or so ago, I remember installing openssh via fink on my > macbook pro (15 Al unibody). Using ssh to connect to other machines > worked fine, however, I found that I could not ssh in to my machine > anymore. After scratching my head for a while, I gave up and removed > the openssh package via the fink remove command and find that I still > cannot log in to my laptop machine even using localhost. Did you kill off any running sshd processes and/or reboot afterwards, to make sure that you're not still using fink's sshd? > What is odd > about this is that I am unable to login via ssh to localhost even when > I copy the .ssh directory from my desktop which works fine > (permissions are fine as well). The file /etc/sshd_config is also the > default file. There are no errors showing up in /var/secure.log. The > console just shows that ssh tries to check a public key and apparently > gets now answer. Might anyone have clue as to what is going on? I am > fine to use the fink openssh as well, but I thought it would be best > to get things working first. > > > It seems that we send a pubkey and wait for reply, but it never comes. > > ssh -vvv paulfons@localhost > > bunch of text > > > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug2: key: /Users/paulfons/.ssh/id_dsa (0x107f50) > debug2: key: /Users/paulfons/.ssh/identity (0x0) > debug2: key: /Users/paulfons/.ssh/id_rsa (0x0) > debug1: Authentications that can continue: publickey > debug3: start over, passed a different list publickey > debug3: preferred publickey,keyboard-interactive,password > debug3: authmethod_lookup publickey > debug3: remaining preferred: keyboard-interactive,password > debug3: authmethod_is_enabled publickey > debug1: Next authentication method: publickey > debug1: Offering public key: /Users/paulfons/.ssh/id_dsa > debug3: send_pubkey_test > debug2: we sent a publickey packet, wait for reply > debug1: Authentications that can continue: publickey > > Here it fails as I only have a single dsa key in the folder. The > access for .ssh is set for 700 and for authorized_keys to 600 whilst > the rest are set to 700. I am > > ~/.ssh $ls -lte > total 40 > -rw------- 1 paulfons staff 745 Mar 30 22:12 config > -rw------- 1 paulfons staff 1131 Mar 30 21:13 authorized_keys > -rw------- 1 paulfons staff 1131 Mar 30 21:13 id_dsa.pub > -rw------- 1 paulfons staff 1264 Mar 30 21:13 id_dsa > -rw------- 1 paulfons staff 2160 Mar 30 08:57 known_hosts > > The /etc/sshd_config file is pretty much standard with just a few > changes (e.g. turn off passwords and disable root login). > > > #LoginGraceTime 2m > PermitRootLogin no > > #RSAAuthentication yes > #PubkeyAuthentication yes > #AuthorizedKeysFile .ssh/authorized_keys > # For this to work you will also need host keys in /etc/ssh_known_hosts > #RhostsRSAAuthentication no > # similar for protocol version 2 > #HostbasedAuthentication no > # Change to yes if you don't trust ~/.ssh/known_hosts for > # RhostsRSAAuthentication and HostbasedAuthentication > #IgnoreUserKnownHosts no > # Don't read the user's ~/.rhosts and ~/.shosts files > #IgnoreRhosts yes > > # To disable tunneled clear text passwords, change to no here! > PasswordAuthentication no > #PermitEmptyPasswords no > > > I've had problems in the past with sshd using the default configuration of fink's openssh package. However, that was a long enough time ago that I'll have to hunt around to see exactly what I wound up doing (I settled for using the system-provided version on Leopard, which has been fine for my use). A new openssh was released to current/unstable last week, but I'm not sure whether that solves the problem at hand or not. |