[lug] ssh question

D. Stimits stimits at idcomm.com
Mon Jul 22 16:28:20 MDT 2002 

J. Wayde Allen wrote:
> I'm trying to log into a machine (running FreeBSD) by typing:
> 
>    ssh targetmachine.domain.org
> 
> my understanding is that this "should" connect me to the system using my
> current username, and in any other case I've tried this seems to work
> fine.  However, in this particular instance I get the following (recalled
> from memory as close as possible):
> 
>    wallen at localhost:~$ ssh targetmachine.domain.org
>    opt-MD5 wallen98127
>    S/Key Passord:
> 
> I'd expect to be asked for a password, but typing in the password for my
> account on the targetmachine doesn't work.  This just loops about four or
> five times before giving up.

The S/Key makes me think your private key was set to require a pass. 
This is a password to the key itself, set as a requirement during the 
key creation. I have never used S/Key, so I'm not sure exactly which 
keys are involved; perhaps it is only your key, perhaps it involves a 
machine key. I would look very closely at how the key was generated, and 
find out if there was a password requirement built into it. If I'm right 
about this, and the remote machine would require a password for the 
personal account itself, you'll end up with two password prompts: first 
the key pass, then the machine pass. If it is designed to allow you to 
login without a password on the machine itself (key-only auth), then you 
will still see a password required to use your key, but not the machine 
account.

> 
> My feeling is that the system is asking for an authentication key that I
> evidently don't have.  I've tried running ssh-keygen to create a key, but
> that didn't change anything.  I've also tried forcing a regular password
> login using:

Make sure that during the key generation that you told it to not require 
passwords.

D. Stimits, stimits @ idcomm.com

> 
>    ssh -o "ChallengeResponseAuthentication no" targetmachine
>    ssh -o "PasswordAuthentication yes" targetmachine
>    ssh -o "PreferredAuthentications password" targetmachine
>    ssh -o "PubkeyAuthentication no" targetmachine
> 
> None of these seems to change the kind of message I get back.  Any ideas
> ...?
> 
> - Wayde
>   (wallen at lug.boulder.co.us)
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> Join us on IRC: lug.boulder.co.us port=6667 channel=#colug
> 
>

More information about the LUG mailing list