On Saturday 23 October 2004 15:52, jim barnes wrote:
On Saturday 23 October 2004 02:56 am, Paul Ollion wrote:
Can you still ping between machines?
Yes I can . Should I configure something in ssh ? I never used it and did not even know I had this installed.
You can look at the whole sshd_config (/etc/ssh/sshd_config) to see all options. We just looked at lines that have been uncommented, i.e., changed from defaults. (by SuSE in this case) Looks normal. Openssh is installed by default.
From a console/terminal on your main machine do sshd -d, leave it running, and attempt a login from your laptop. sshd's output of the login attempt well display on your main machine. Try as both user and root (ssh root@192.168.0.1)
Jim, I think you are finding the good solution or quite close to it, and I am beginning to see some light. Here is the output on my main machine, after 2 fruitless attempts, I got this : atelier:/home/paulus # sshd -d debug1: sshd version OpenSSH_3.8p1 debug1: private host key: #0 type 0 RSA1 debug1: read PEM private key done: type RSA debug1: private host key: #1 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #2 type 2 DSA debug1: Bind to port 22 on ::. Server listening on :: port 22. Generating 768 bit RSA key. RSA key generation complete. And after typing ssh paulus@192.168.0.1 on my laptop, I got the warning "permanently added '192.168.0.1' (RSA) to the list of known hosts " I was asked my password, I gave it and after giving the date and time it said 'Have a lot of fun' Which is not unpleasant, Then "Environment "USER=paulus "LOGNAME=paulus "HOME=/home/paulus "PATH=/usr/bin:/bin:/usr/sbin:/sbin "MAIL=/var/mail/paulus "SHELL=/bin/bash "SSH_CLIENT=::ffff:192.168.0.3 32779 22 "SSH_CONNECTION=::ffff:192.168.0.3 32779 ::ffff:192.168.0.1 22 "SSH_TTY=/dev/pts/49 "TERM=xterm the main machine displayed : debug1: Server will not fork when running in debugging mode. Connection from ::ffff:192.168.0.3 port 32779 debug1: Client protocol version 2.0; client software version OpenSSH_3.8p1 debug1: match: OpenSSH_3.8p1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-1.99-OpenSSH_3.8p1 debug1: permanently_set_uid: 71/65 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client->server aes128-cbc hmac-md5 none debug1: kex: server->client aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user paulus service ssh-connection method none debug1: attempt 0 failures 0 Failed none for paulus from ::ffff:192.168.0.3 port 32779 ssh2 debug1: userauth-request for user paulus service ssh-connection method keyboard-interactive debug1: attempt 1 failures 1 debug1: keyboard-interactive devs debug1: auth2_challenge: user=paulus devs= debug1: kbdint_alloc: devices 'pam' debug1: auth2_challenge_start: trying authentication method 'pam' debug1: PAM: initializing for "paulus" debug1: PAM: setting PAM_RHOST to "mob.maison" debug1: PAM: setting PAM_TTY to "ssh" Postponed keyboard-interactive for paulus from ::ffff:192.168.0.3 port 32779 ssh2 debug1: PAM: num PAM env strings 0 Postponed keyboard-interactive/pam for paulus from ::ffff:192.168.0.3 port 32779 ssh2 Accepted keyboard-interactive/pam for paulus from ::ffff:192.168.0.3 port 32779 ssh2 debug1: monitor_child_preauth: paulus has been authenticated by privileged process Accepted keyboard-interactive/pam for paulus from ::ffff:192.168.0.3 port 32779 ssh2 debug1: PAM: reinitializing credentials debug1: permanently_set_uid: 1000/100 debug1: Entering interactive session for SSH2. debug1: server_init_dispatch_20 debug1: server_input_channel_open: ctype session rchan 0 win 65536 max 16384 debug1: input_session_request debug1: channel 0: new [server-session] debug1: session_new: init debug1: session_new: session 0 debug1: session_open: channel 0 debug1: session_open: session 0: link with channel 0 debug1: server_input_channel_open: confirm session debug1: server_input_channel_req: channel 0 request pty-req reply 0 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req pty-req debug1: Allocating pty. debug1: session_new: init debug1: session_new: session 0 debug1: session_pty_req: session 0 alloc /dev/pts/49 debug1: server_input_channel_req: channel 0 request shell reply 0 debug1: session_by_channel: session 0 channel 0 debug1: session_input_channel_req: session 0 req shell debug1: PAM: setting PAM_TTY to "/dev/pts/49" debug1: Setting controlling tty using TIOCSCTTY.
man ssh is there also for interesting reading.
I began to read it and if I understand what has been done, my main machine has been added to a list of my laptop's known hosts (using RSA which is the safest of the 3 authentication methods used by ssh) and I should do the reverse to authenticate my laptop in my main machine. Is that so ? Anyway, many thanks, you are a good teacher ans SuSE a good linux distro. -- ________________ Paul Ollion Proud Linux user - SuSE - 9.1