05-28-2014
Quote:
Originally Posted by
chacko193
Thanks Ygemici for you reply!!
I have already tried out not logging the "auth" events in vShell and that seems to work.
I got to thinking that since the client is initiating the ssh session, it will be the client that sends the "none" auth method request and from my other searches was able to confirm this as well. So I came to the conclusion that there will be some option within the ssh config files which prevents sending out the "none" auth request and hence my futile searches.
I will try out the rest of your suggestions and get back to when I have some results.
---------- Post updated at 11:30 PM ---------- Previous update was at 11:26 AM ----------
I tried changing the AuthenticationsAllowed and AuthenticationsRequired to "password" only in vShell, but still it is using the "none" authentication first and then only it is going for password.
---------- Post updated 05-27-14 at 04:42 AM ---------- Previous update was 05-26-14 at 11:30 PM ----------
I have one query. You said you were able to connect to server with any initial auth method using bitvise client. I also tried that and noticed the same,i.e , I am not getting that "none rejected" message.
So how is this bitvise client able to choose the initial auth method? If they are able to do it, why cannot we do the same. After all they too will be using the same open-ssh only(may be with some modifications). And I think it is the only one were none is listed as an auth method.
---------- Post updated at 07:42 AM ---------- Previous update was at 04:42 AM ----------
it has differ codes in the bitvise ssh client ( executable) and it does not send to ssh-server with none-method as in its source code files for know the auth-methods.(written in that way)
and it does not use the openssh sources, it uses FlowSsh libraries and compiled from c++ platform for windows.
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Hi all,
I have got a Solaris machine and I have several user account setup up with the .ssh and authorized_keys file in their home directories.
I have check all the permission and ownership and they are all indentical and belongs to the user ID and group respectively. However one of the... (3 Replies)
Discussion started by: stancwong
3 Replies
2. UNIX for Advanced & Expert Users
In which case could be better don't use a passphrase creating an authentication key for ssh comunications?
Thanks in advance. (1 Reply)
Discussion started by: Minguccio75
1 Replies
3. UNIX for Advanced & Expert Users
I am using an ssh pub key on two remote servers to allow ssh session without authentication. Both servers have the same id_rsa.pub copied from the host into the remote servers ~user/.ssh/authorized_keys. There is no passphrase for this key either.
The problem is that I am able to ssh into one... (2 Replies)
Discussion started by: prkfriryce
2 Replies
4. AIX
I am trying to implement passwordless authentication via ssh2. I have used the well documented technique of generating a key pair with a blank passphrase on my client machine, and installing the public key on the destination server (AIX 5.3) in the user's .ssh2 directory. I have used this technique... (1 Reply)
Discussion started by: RegX
1 Replies
5. Red Hat
Hi All;
I have an issue with password less authentication via ssh ( v2)
I have two servers Server A and Server B, following are the server details
Server A
OS - HP UX B.11.11 U 9000/800
SSH - OpenSSH_4.3p2-hpn, OpenSSL 0.9.7i 14 Oct 2005
HP-UX Secure Shell-A.04.30.000, HP-UX... (3 Replies)
Discussion started by: maverick_here
3 Replies
6. Shell Programming and Scripting
If another machine has the same account how to ssh into that machine as the same user without re-typing password? Thanks (2 Replies)
Discussion started by: stevensw
2 Replies
7. Solaris
Hi, I've used the following way to set ssh public key authentication and it is working fine on Solaris 10, RedHat Linux and SuSE Linux servers without any problem. But I got error 'Server refused our key' on Solaris 8 system. Solaris 8 uses SSH2 too. Why? Please help. Thanks.
... (1 Reply)
Discussion started by: aixlover
1 Replies
8. UNIX for Dummies Questions & Answers
Hi!
Im trying to set access from ServerA(SunOS) to ServerB(Some custom Linux with Keyboard Interactive login) with SSH Keys. As a proof of concept I was able to do it between 2 virtual machines. Now in my real life scenario it isnt working.
I created the keys in ServerA, copied them to... (7 Replies)
Discussion started by: RedSpyder
7 Replies
9. UNIX for Advanced & Expert Users
I setup passwordless authentication on a Ubuntu vm by ssh'ing into the localhost. I'm trying to do the same thing on another machine but it's not working. I believe I have the permissions setup properly and keygen'd. Is there a way to disable passwordless authentication? I have permission to... (4 Replies)
Discussion started by: MaindotC
4 Replies
10. Shell Programming and Scripting
Hey team
I have to enable password less authentication betweeen A to B server and A to C server and A to D server.
For this I generated a ssh key on server A using ssh-keygen command and copied the key using ssh-copy-id command to B, C and D server. Everything is working fine as of now but... (5 Replies)
Discussion started by: Sandeep_sandy
5 Replies
LEARN ABOUT SUNOS
ssh-keysign
ssh-keysign(1M) ssh-keysign(1M)
NAME
ssh-keysign - ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication
with SSH protocol version 2. This signature is of data that includes, among other items, the name of the client host and the name of the
client user.
ssh-keysign is disabled by default and can be enabled only in the global client configuration file /etc/ssh/ssh_config by setting Host-
basedAuthentication to yes.
ssh-keysign is not intended to be invoked by the user, but from ssh. See ssh(1) and sshd(1M) for more information about host-based authen-
tication.
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, readable
only by root, and not accessible to others. Because they are readable only by root, ssh-keysign must be set-uid root if host-based
authentication is used.
ssh-keysign will not sign host-based authentication data under the following conditions:
o If the HostbasedAuthentication client configuration parameter is not set to yes in /etc/ssh/ssh_config. This setting cannot be overri-
den in users' ~/.ssh/ssh_config files.
o If the client hostname and username in /etc/ssh/ssh_config do not match the canonical hostname of the client where ssh-keysign is
invoked and the name of the user invoking ssh-keysign.
In spite of ssh-keysign's restrictions on the contents of the host-based authentication data, there remains the ability of users to use it
as an avenue for obtaining the client's private host keys. For this reason host-based authentication is turned off by default.
See attributes(5) for descriptions of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Availability |SUNWsshu |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
ssh(1), sshd(1M), ssh_config(4), attributes(5)
AUTHORS
Markus Friedl, markus@openbsd.org
HISTORY
ssh-keysign first appeared in Ox 3.2.
9 Jun 2004 ssh-keysign(1M)