I am changing the login authentication method from password to keyboard interactive for security purposes. I know this option is kind of add-on for ssh client programs; which explains the best info about option is in this link: User Authentication with Keyboard-Interactive
One of the servers is AIX; and althoguh I have done many combination it keeps giving me the error saying unable to authenticate using methods which includes keyboard-interactive.
1) The server is AIX5.3
2) ssh -v
OpenSSH_4.3p2, OpenSSL 0.9.7l 28 Sep 2006
3) no LDAP
4) no xml configuration file for ssh like ssh-server-config.xml; so no LAM
5) $OpenBSD: sshd_config,v 1.73
My configuration is basically as follows;
Code:
PermitRootLogin no
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePAM yes
X11Forwarding yes
If there is anyone who can help me, it is appreciated. There may be a version supporting keyboard-interactive or a parameter that doesn't show up in man for sshd_config. Maybe, I should change ssh_config file which is all commented. There is /etc/pam.conf without any line with ssh-server-g3. Do u have any recommendation?
Last edited by pludi; 02-03-2010 at 09:44 AM..
Reason: code tags, please..
which effectively disables authentication by password (which is usually done interactively on a keyboard). Change that, restart the SSH server, and everything should work. Or, use the public key authentication that seems to be in place already.
If I set PasswordAuthentication yes; then it doesn't require interactive input. The SSH program that my friends use can save passwords; that is the main problem actually. Anyone access to their computer can login to any server they want without entering passwords which causes security problem. Linux servers became ok; after setting the parameter KbdInteractiveAuthentication which isn't in any sshd man. All sshd man look the same actually, i don't know why.
I can't see the way actually that the server could prevent the client from saving a password. If you use password and it's the same password each time I can't see a way to know the difference between entering it by user or by computer...
Last edited by dpc.ucore.info; 02-03-2010 at 10:44 AM..
The client is bought many years ago; it has support for keyboard interactive. It can save password if the method is password authentication (for people who don't want to enter password every time just clicks that save option); but when it comes to keyboard interactive authentication, it doesn't have an option to save passwords. I want the client to ask for password for each login not to save them.
The other idea is to write a perl script that shows up a login screen and pass the username and password to the server. That is something that over my head.
Whatever, the problem isn't about it, I want to login to my aix server with keyboard interactive authentication method not password authentication method. What should I do for it? This is something easy; but I just couldn't figure it out.
Last edited by royalliege; 02-03-2010 at 11:09 AM..
I fire the rsyn command as below:
rsync --delay-updates -F --compress --archive -e "/usr/bin/ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no" user1@myhost.server.com:/tmp/jarexplorer-0.7.jar /web/admin/data/ The above command get interpreted as below: ssh -vvv -o... (4 Replies)
I wish to launch a script with ssh command.
This script launches a menu.
The menu displays well but I can't interact with it.
Can you help me :confused: ? (1 Reply)
Hello experts,
Is it possible to have an user account on RHEL 6.3 as a su-only account, but with ssh capability and no interactive login? Let me elaborate.
Say, we have a cluster of 5 RHEL 6.3 servers and an user account (strmadmin) on each of the server as an su-only... (1 Reply)
We have a script which rsyncs two directories on two servers. This rsync will happen with the ID svID. But the script runs with the Control-M ID opID. we have setup password less SSH for svID, but it fails with Host key verification failed when the script is executed by opID. As opID is a... (1 Reply)
HI Unix Gurus,
I an stuck in an interesting issue, where I am trying to execute a script on remote server after ssh.
The script on remote server is interactive,. Whenever it is called it hangs where it expects input from terminal and I have to terminate it.
I have searched through fourm... (12 Replies)
Hello,
I'm trying to setup password less authentication to remote ssh server. I generated the public key and gave it to the vendor and The key is added in the remote machines authorized_keys file.
When I try to connect to a remote machine through SFTP username@host I am getting the error... (4 Replies)
Hello everyone!
I am trying to log-in to a remote server over SSH, transfer file1 there, perform some checks, capture the results in file2 and transfer file2 back to my local server - all of this non-interactively. Initially, I tried to do this within a singe SSH session, using the following... (2 Replies)
Hi,
I want to know how to use SSH non-interactively? I am already able to use sftp -b <batch file> user@host so public/private key set-up already is in place.
But my supervisor has told me to use SSH now I want to know how it can be done? I want to do something like:
done_files=`ssh ls... (7 Replies)
I am writing an automation that will ssh into hundreds of system and run a few commands. I ll be looping from ip X.X.X.10 to X.X.X.200
I have public key set up ready for "most" of them to run ssh non interactively. However some of the systems in these ip range do not have the public private key... (2 Replies)
Hello,
when I try to connect to a remote machine through SSH username@host I am getting the error message
Permission denied (publickey,password,keyboard-interactive).
Can any one tell me what is the problem. the key is added in the remote machines authorized_keys file. (5 Replies)
02-03-2010
SSH with Keyboard Interactive
