Gentoo Archives: gentoo-user

From: John Blinka <jblinka@××××××.com>
To: gentoo-user@l.g.o
Subject: [gentoo-user] how to get ssh host based authentication working?
Date: Sun, 30 Jul 2006 03:01:22
Message-Id: 44CC1FF5.9030007@neo.rr.com
1 Hi, folks,
2
3 I'd like to get host based ssh authentication working within
4 all the gentoo boxes on my home network. I've had no
5 success yet - I hope someone can enlighten me!
6
7 What I've done so far on the server side is:
8
9 set HostbasedAuthentication yes in sshd_config
10 set HostbasedAuthentication yes in ssh_config
11 added /etc/ssh/shosts.equiv containing names of client boxes
12 added /etc/ssh/ssh_known_hosts containing public host keys of
13 client boxes
14
15 Client boxes are configured similarly.
16
17 When I try to ssh from one box to another, I always get a request
18 for a password, which is what I'm trying to avoid.
19
20 Below is an excerpt from an attempt to ssh from one box to another
21 while requesting the maximum amount of debugging info. It looks
22 like ssh is trying to use host based authentication, but for some
23 reason it fails. I'd appreciate any ideas about what might be
24 going wrong.
25
26 John Blinka
27
28
29
30
31 debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
32 debug3: check_host_in_hostfile: match line 5
33 debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
34 debug3: check_host_in_hostfile: match line 5
35 debug1: Host 'tobey' is known and matches the RSA host key.
36 debug1: Found key in /root/.ssh/known_hosts:5
37 debug2: bits set: 469/1024
38 debug1: ssh_rsa_verify: signature correct
39 debug2: kex_derive_keys
40 debug2: set_newkeys: mode 1
41 debug1: SSH2_MSG_NEWKEYS sent
42 debug1: expecting SSH2_MSG_NEWKEYS
43 debug2: set_newkeys: mode 0
44 debug1: SSH2_MSG_NEWKEYS received
45 debug1: SSH2_MSG_SERVICE_REQUEST sent
46 debug2: service_accept: ssh-userauth
47 debug1: SSH2_MSG_SERVICE_ACCEPT received
48 debug2: key: /root/.ssh/identity ((nil))
49 debug2: key: /root/.ssh/id_rsa (0x8095528)
50 debug2: key: /root/.ssh/id_dsa (0x80964c0)
51 debug1: Authentications that can continue:
52 publickey,keyboard-interactive,hostbased
53 debug3: start over, passed a different list
54 publickey,keyboard-interactive,hostbased
55 debug3: preferred hostbased,publickey,keyboard-interactive,password
56 debug3: authmethod_lookup hostbased
57 debug3: remaining preferred: publickey,keyboard-interactive,password
58 debug3: authmethod_is_enabled hostbased
59 debug1: Next authentication method: hostbased
60 debug2: userauth_hostbased: chost lotus.bluebar.org.
61 debug2: we sent a hostbased packet, wait for reply
62 debug1: Authentications that can continue:
63 publickey,keyboard-interactive,hostbased
64 debug2: userauth_hostbased: chost lotus.bluebar.org.
65 debug2: we sent a hostbased packet, wait for reply
66 debug1: Authentications that can continue:
67 publickey,keyboard-interactive,hostbased
68 debug1: No more client hostkeys for hostbased authentication.
69 debug2: we did not send a packet, disable method
70
71 --
72 gentoo-user@g.o mailing list

Replies

Subject Author
Re: [gentoo-user] how to get ssh host based authentication working? gentuxx <gentuxx@×××××.com>
Re: [gentoo-user] how to get ssh host based authentication working? Peter Ruskin <peter.ruskin@×××××××××.com>