FreeBSD, SSH and "Enter Authentication Response"
Ruben de Groot
mail25 at bzerk.org
Tue Jan 13 04:27:17 PST 2004
On Tue, Jan 13, 2004 at 11:55:50AM +0000, Matthew Seaman typed:
> On Mon, Jan 12, 2004 at 01:32:30PM -0800, Rishi Chopra wrote:
> > I have a nitpicky question about logging into a FreeBSD machine and
> > SSH. I'm using a minimal FreeBSD install and SSH Secure Shell client
> > v3.2.0 - the crux of the problem is I am unable to "smoothly" login.
>
> Which FreeBSD version? And are you running the OpenSSH server
> supplied with the system or one from ports?
Judging by name and version number, I think he's not running OpenSSH
at all, but the other ssh implementation from ssh.org
> > When I login to my machine, I'm prompted to enter an "authentication
> > response". A window is displayed with "Enter Authentication Response"
> > in the title bar, and two buttons at the bottom ('OK' and 'Cancel') -
> > the text says:
> >
> > Enter your authentication response.
> > Password:
>
> Sounds like you've got the PAM based challenge-response authentication
> enabled in your /etc/ssh/sshd_config (which is the default), but
> your /etc/pam.conf (FreeBSD 4.x) or /etc/pam.d (FreeBSD 5.x) has a
> modified configuration.
>
> Here are a couple of things to try --
>
> Turn off Challenge-response authentication in /etc/ssh/sshd_config
>
> Change:
>
> #ChallengeResponseAuthentication yes
>
> to
>
> ChallengeResponseAuthentication no
>
> and then:
>
> # kill -HUP `cat /var/run/sshd.pid`
>
> to get it to reread the config.
>
> -- or --
>
> Double check the PAM settings: they should look like this in /etc/pam.conf
>
> # OpenSSH with PAM support requires similar modules. The session one is
> # a bit strange, though...
> sshd auth sufficient pam_skey.so
> sshd auth sufficient pam_opie.so no_fake_prompts
> #sshd auth requisite pam_opieaccess.so
> #sshd auth sufficient pam_kerberosIV.so try_first_pass
> #sshd auth sufficient pam_krb5.so try_first_pass
> sshd auth required pam_unix.so try_first_pass
> sshd account required pam_unix.so
> sshd password required pam_permit.so
> sshd session required pam_permit.so
>
> The /etc/pam.d case is similar, except you should have a file called
> 'sshd' in that directory, whose contents are similar, but without the
> 'sshd' entries in the first column.
>
> Cheers,
>
> Matthew
>
>
> --
> Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks
> Savill Way
> PGP: http://www.infracaninophile.co.uk/pgpkey Marlow
> Tel: +44 1628 476614 Bucks., SL7 1TH UK
More information about the freebsd-questions
mailing list