I appear to be suffering the riddle of sshd and PAM on one of my Debian Stable boxes. Both boxes have ssh_1%3a3.4p1-1.woody.3 (i386) installed, but only one of them has the stuff in /etc/ssh/sshd_conf about "UsePrivilegeSeparation" (yes), it has decided today to nolonger allow ssh connections with interactive keyboard password entry.
Also in sshd_conf the "PAMAuthenticationViaKbdInt" is set to "off" to be compatible with the privilage separation. If I invert these two settings I still can't loggin after it asks about 6 different ways.
The maddening thing is even "ssh 127.0.0.1" doesn't work on the bad box - returns "Permission denied, please try again."
What should I change to restore normal connectivity?
Ta.
Tim.
On Wed, 2004-05-05 at 22:52, Tim Green wrote:
I appear to be suffering the riddle of sshd and PAM on one of my Debian Stable boxes. Both boxes have ssh_1%3a3.4p1-1.woody.3 (i386) installed, but only one of them has the stuff in /etc/ssh/sshd_conf about "UsePrivilegeSeparation" (yes), it has decided today to nolonger allow ssh connections with interactive keyboard password entry.
Also in sshd_conf the "PAMAuthenticationViaKbdInt" is set to "off" to be compatible with the privilage separation. If I invert these two settings I still can't loggin after it asks about 6 different ways.
The maddening thing is even "ssh 127.0.0.1" doesn't work on the bad box - returns "Permission denied, please try again."
What should I change to restore normal connectivity?
Ta.
Tim.
I often get bitten by something that sounds familiar - have you checked the hosts.allow file to add your network. I always forget that one.
Matt
On Thu, May 06, 2004 at 06:25:32AM +0100, Matt Parker wrote:
On Wed, 2004-05-05 at 22:52, Tim Green wrote:
The maddening thing is even "ssh 127.0.0.1" doesn't work on the bad box - returns "Permission denied, please try again."
What should I change to restore normal connectivity?
I often get bitten by something that sounds familiar - have you checked the hosts.allow file to add your network. I always forget that one.
Nothing wrong with the hosts.allow - it was shutdown.
I had started a shutdown, and then changed my mind. I have now done the hardware upgrade (2nd ethernet card for changing my dial-up firewall into a broadband and dial-up firewall), and I can now reconnect with ssh :-)
It was very worrying when I was 120 miles from home and suddenly I wasn't allowed to ssh.
TTOTD: Proceed with, or cancel, shutdowns properly!
Tim.