Help please: how to enable SSH password authentication under FreeBSD 6.2?

Garrett Cooper youshi10 at
Mon Feb 12 15:10:56 UTC 2007

Olaf Greve wrote:
> Hi guys,
> (Firstly: I posted this message well over an hour ago, and it does not 
> seem to have come through, in case you recieve this twice, then I'm 
> sorry for that :P )
> Sorry to ask such a trivial question, and I'm positive it must have been
> treated here before, but I just can't remember how to do it exactly, and
> perhaps someone can give me a quick answer and spare me hours of further
> RTFM-ing. :P
> The issue:
> I'm (re-) installing my fall-back server, and selected FreeBSD 6.2 i386
> release (generic kernel, for now) for that. Now, I want to be able to
> access it using SSH (PuTTY, most often) from anywhere in the world, and
> hence would like to enable password authentication in SSH again.
> Therefore, I used the same /etc/ssh/sshd_config (as listed down below,
> with dummy names abc, def, and ghi in the AllowUsers line) as on my live
> server, where this works fine. However, when I try accessing it using
> PuTTY, PuTTY keeps failing mentioning something like 'host key check
> failed'. In the debug.log file on the fallback machine, I learnt that
> PuTTY only tries the SSH2 protocol, and doesn't fall back to SSH1 when
> it notices that that fails. On the live server (FreeBSD 5.4-release
> AMD64, custom kernel), this works a charm, and on that machine the
> debug.log file does mention PuTTY (yes, the very same as used for trying
> to connect to the fallback machine) that PuTTY falls back to SSH1 and
> uses PAM for authentication...
> The question:
> I recall having had this issue before, and I *think* the resolution was
> to enable PAM authentication or so outside of /etc/ssh/sshd_config. I
> thought to recall that I either did this in rc.conf (or the defaults for
> that), or in the custom kernel configuration. However, I couldn't find
> any hints to that anymore on the live box...:(
> Does anyone know how to get this going properly, and what it is that I'm
> overlooking?
> Tnx in advance and cheers!
> Olafo
> PS: the used /etc/ssh/sshd_config file's contents follows here:


Just looking at your config everything appears to be fine. If you don't 
have PAM enabled or don't want it enabled though you should uncomment 
this line in your config:

# Change to no to disable PAM authentication
ChallengeResponseAuthentication no

1) Did you restart your daemon?
2) Are you using the ssh available in the base system or ports?


More information about the freebsd-questions mailing list