SHH - login problems after Upgrade 8.2 - 9.0
Hello list, I did an upgrade with my box from 8.2 to version 9.0. After this change I was not able to login with ssh-clients from remote anymore. I am only able to login through local consoles or insecure telnet ! Where do I have to look now, what changed in version 9 ? I had this working before on my systems and did not change a thing in my ssh-setup myself ... What I tried / looked at so far: I have reverse DNS lookup working, the hostnames are resolved. OK I have no lines in host.allow concerning sshd, is this still OK ? same applies to host.deny OK I use xinetd to start vnc since this version 9 of SuSE, does this change something to other services ? I get the certificate at my clienst, I accept it and then get the "login:" prompt, but none of my users / passwords is accepted. Has there been a change in passwords (encryption ?) Any help is appreciated, I really like to have this working again. Thanks in advance, Philipp
Hi Philipp,
I did an upgrade with my box from 8.2 to version 9.0. After this change I was not able to login with ssh-clients from remote anymore.
in /etc/ssh/sshd_config try to uncomment: ListenAddress 0.0.0.0 and comment: #ListenAddress :: I also have: Protocol 2 All my clients only use version 2. This helps to me. I've not research the reasons of this problem. Frank.
I did an upgrade with my box from 8.2 to version 9.0. After this change I was not able to login with ssh-clients from remote anymore.
--> You have to enable Password Authentication in /etc/ssh/sshd_config. Have a look at this thread: http://lists.suse.com/archive/suse-security/2003-Oct/0157.html HTH, Armin -- Am Hasenberg 26 office: Institut für Atmosphärenphysik D-18209 Bad Doberan Schloss-Straße 6 Tel. ++49-(0)38203/42137 D-18225 Kühlungsborn / GERMANY Email: schoech@iap-kborn.de Tel. +49-(0)38293-68-102 WWW: http://armins.cjb.net/ Fax. +49-(0)38293-68-50
Hi Philipp, which SSH-client are you using? - PuTTY? PuTTY in its standard configuration tries SSH1, but you have to enable SSH": Configuration/ Page "Connection/ SSH"/ Preferred SSH protocol version 2 -- Eat, sleep and go running, David Huecking. Encrypted eMail welcome! GnuPG/ PGP-Key: 0x57809216. Fingerprint: 3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216 On Mon, 8 Dec 2003, Philipp Rusch wrote:
Hello list,
I did an upgrade with my box from 8.2 to version 9.0. After this change I was not able to login with ssh-clients from remote anymore. I am only able to login through local consoles or insecure telnet ! Where do I have to look now, what changed in version 9 ? I had this working before on my systems and did not change a thing in my ssh-setup myself ... What I tried / looked at so far: I have reverse DNS lookup working, the hostnames are resolved. OK I have no lines in host.allow concerning sshd, is this still OK ? same applies to host.deny OK I use xinetd to start vnc since this version 9 of SuSE, does this change something to other services ? I get the certificate at my clienst, I accept it and then get the "login:" prompt, but none of my users / passwords is accepted. Has there been a change in passwords (encryption ?)
Any help is appreciated, I really like to have this working again.
Thanks in advance, Philipp
-- Check the headers for your unsubscription address For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
I tried all and any config options of PuTTY. I will have a look at the options inside sshd-config later this afternoon, as I'm not at the box at the moment. I will report back, then. Thanks, Philipp David Huecking schrieb:
Hi Philipp,
which SSH-client are you using? - PuTTY? PuTTY in its standard configuration tries SSH1, but you have to enable SSH": Configuration/ Page "Connection/ SSH"/ Preferred SSH protocol version 2
-- Eat, sleep and go running, David Huecking.
Encrypted eMail welcome! GnuPG/ PGP-Key: 0x57809216. Fingerprint: 3DF2 CBE0 DFAA 4164 02C2 4E2A E005 8DF7 5780 9216
On Mon, 8 Dec 2003, Philipp Rusch wrote:
Hello list,
I did an upgrade with my box from 8.2 to version 9.0. After this change I was not able to login with ssh-clients from remote anymore. I am only able to login through local consoles or insecure telnet ! Where do I have to look now, what changed in version 9 ? I had this working before on my systems and did not change a thing in my ssh-setup myself ... What I tried / looked at so far: I have reverse DNS lookup working, the hostnames are resolved. OK I have no lines in host.allow concerning sshd, is this still OK ? same applies to host.deny OK I use xinetd to start vnc since this version 9 of SuSE, does this change something to other services ? I get the certificate at my clienst, I accept it and then get the "login:" prompt, but none of my users / passwords is accepted. Has there been a change in passwords (encryption ?)
Any help is appreciated, I really like to have this working again.
Thanks in advance, Philipp
participants (4)
-
Armin Schoech
-
David Huecking
-
Frank Stuehmer
-
Philipp Rusch