linux-l: Wer hat SSH richtig verstanden...,

Mike Fehla mike.fehla at gmx.de
Mi Sep 12 01:42:51 CEST 2001 

> Du kompilierst ssh selbst? Warum? Du solltest das Paket Deiner
> Distribution nehmen. Vorteil: Es ist passend in das Authentifizierungs-
> Konzept eingegliedert.

Na klar! Ich wills doch wissen und lernen. Und von Distries will ich
mich nicht abhängig machen. Aber wie ist das nun mit der Eingliederung
des Authentifizierungskonzeptes??
 
> Versuchst Du Dich als normaler user, oder als root, einzuloggen?
> Was sagt die Ausgabe von "ssh -v DeinUserName at ferner.rechner.de"?


Ich habe beides probiert. Aber zumindest sollte der User-login klappen.
Vorher habe ich als User auf dem Server mittels "ssh-keygen" das
Schlüsselpaar erzeugen lassen, und beide Varianten durchprobiert, einmal
ein Passwort angegeben und ein anderes Mal nur nur "durchgeentert".
Jedesmal ist die Passwortabfrage fehlgeschlagen. Aber kannste ja mal
selbst nachlesen.

Danke, Mike

Folgendes (Achtung wird ziemlich lang):

[fehla at hyper fehla]$ ssh -v fehla at server
OpenSSH_2.5.2p2, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: ssh_connect: getuid 503 geteuid 0 anon 1
debug1: Connecting to server [192.168.100.1] port 22.
debug1: Connection established.
debug1: unknown identity file /home/fehla/.ssh/identity
debug1: identity file /home/fehla/.ssh/identity type -1
debug1: unknown identity file /home/fehla/.ssh/id_rsa
debug1: identity file /home/fehla/.ssh/id_rsa type -1
debug1: unknown identity file /home/fehla/.ssh/id_dsa
debug1: identity file /home/fehla/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version
OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.5.2p2
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1debug1: got
kexinit: ssh-rsa
debug1: got kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug1: got kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug1: got kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit:
debug1: got kexinit:
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 130/256
debug1: bits set: 1013/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
The authenticity of host 'server (192.168.100.1)' can't be established.
RSA key fingerprint is fc:4a:95:86:82:86:0c:3d:54:0f:1e:a6:3c:28:ae:df.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'server,192.168.100.1' (RSA) to the list of
known hosts.
debug1: bits set: 1016/2049
debug1: ssh_rsa_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactivedebug1: next auth method to try
is publickey
debug1: try privkey: /home/fehla/.ssh/identity
debug1: try privkey: /home/fehla/.ssh/id_rsa
debug1: try privkey: /home/fehla/.ssh/id_dsa
debug1: next auth method to try is password
fehla at server's password:
debug1: authentications that can continue:
publickey,password,keyboard-interactivePermission denied, please try
again.
fehla at server's password:
debug1: authentications that can continue:
publickey,password,keyboard-interactivePermission denied, please try
again.
fehla at server's password:
debug1: authentications that can continue:
publickey,password,keyboard-interactivedebug1: next auth method to try
is keyboard-interactive
debug1: authentications that can continue:
publickey,password,keyboard-interactivedebug1: authentications that can
continue: publickey,password,keyboard-interactivedebug1: authentications
that can continue: publickey,password,keyboard-interactivedebug1: no
more auth methods to try
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x8061610(0x0)

Mehr Informationen über die Mailingliste linux-l