[SOLVED] Help please: how to enable SSH password authentication under FreeBSD 6.2? Solved - but not in an expected way

Olaf Greve o.greve at axis.nl
Tue Feb 13 13:32:01 UTC 2007

Hi all,

To cut to the chase, I 'solved' the issue, or rather, the mystery around 
it at least, but the 'solution' was not quite as expected.

I tried both suggestions given.


> It rather looks like putty is checking the server key with the older one
> (you mentioned you reinstalled the box).

Well... Yes and no.
Yes: the box was 'reinstalled', but completely cleanly, with a newer 
FreeBSD version (i.e. 6.2 vs. 5.3), and using a completely different IP 
address. Given those parameters, it's better to call it a clean install. :P

Also, PuTTY never got to the stage where it infomrmed me that a new host 
was found and if I wanted to store the fingerprint. Instead, it directly 
bailed out with a message like 'Host key not found' (or something like 

> try to delete the know_host entry in the register database (look for the
> entry start->run->regedit then look for the "SshHostKeys" entry and delete
> the old key).
> This should fix your pb ;)

I did so anyway and it didn't seem to make a difference. I kept getting 
the same error.

Then I tried the other suggestion:

 ># Change to no to disable PAM authentication
 >ChallengeResponseAuthentication no

I did that (trying setting it to 'yes' as well as 'no') and this too, 
did not seem to make a difference.

Nowwww, normally PuTTY gives me the 'host key' error some 3 times or so 
before properly finding any host, so I'm used to that. On the new box, I 
tried it easily 15 times in a row before posing the question yesterday.

Today I gave it a longer pounding, and lo and behold: all of a sudden 
after some 30 attempts it worked! Then, I tried switching the 
ChallengeResponseAuthentication to the opposite value it was set at, 
gave it again a pouding of around 20 attempts, and again 1 succeeded. I 
tried reproducing my 'luck', but some 40 further attempts all yielded no 

It then dawned on me that it might be simply PuTTY that is causing the 
errors, and indeed, I tried Tunnelier and it works a charm (with and 
without PAM), and during all atempts I made, it directly logged in 
without any issues.

Conclusion (or assumption, if you will): there seem to be some major 
incompatibility issues between PuTTY and FreeBSD 6.2's bundled SSH version.

Of course it is easy enough to use a different client at home, it's just 
that when abroad and wanting to check the machine, it is handy to 
quickly download PuTTY.exe and have a quick check without having to 
install a complete program...

Oh well, at least it works now, and I know the box was (and still is) 
configured correctly, and I have found a good work-around (i.e. using a 
better SSH client than PuTTY).

Cheers, and thanks for baring with me,

More information about the freebsd-questions mailing list