[SOLVED] Help please: how to enable SSH password authentication
under FreeBSD 6.2? Solved - but not in an expected way
Olaf Greve
o.greve at axis.nl
Tue Feb 13 13:32:01 UTC 2007
Hi all,
To cut to the chase, I 'solved' the issue, or rather, the mystery around
it at least, but the 'solution' was not quite as expected.
I tried both suggestions given.
Firstly:
> It rather looks like putty is checking the server key with the older one
> (you mentioned you reinstalled the box).
Well... Yes and no.
Yes: the box was 'reinstalled', but completely cleanly, with a newer
FreeBSD version (i.e. 6.2 vs. 5.3), and using a completely different IP
address. Given those parameters, it's better to call it a clean install. :P
Also, PuTTY never got to the stage where it infomrmed me that a new host
was found and if I wanted to store the fingerprint. Instead, it directly
bailed out with a message like 'Host key not found' (or something like
that).
> try to delete the know_host entry in the register database (look for the
> entry start->run->regedit then look for the "SshHostKeys" entry and delete
> the old key).
>
> This should fix your pb ;)
I did so anyway and it didn't seem to make a difference. I kept getting
the same error.
Then I tried the other suggestion:
># Change to no to disable PAM authentication
>ChallengeResponseAuthentication no
I did that (trying setting it to 'yes' as well as 'no') and this too,
did not seem to make a difference.
Nowwww, normally PuTTY gives me the 'host key' error some 3 times or so
before properly finding any host, so I'm used to that. On the new box, I
tried it easily 15 times in a row before posing the question yesterday.
Today I gave it a longer pounding, and lo and behold: all of a sudden
after some 30 attempts it worked! Then, I tried switching the
ChallengeResponseAuthentication to the opposite value it was set at,
gave it again a pouding of around 20 attempts, and again 1 succeeded. I
tried reproducing my 'luck', but some 40 further attempts all yielded no
score.
It then dawned on me that it might be simply PuTTY that is causing the
errors, and indeed, I tried Tunnelier and it works a charm (with and
without PAM), and during all atempts I made, it directly logged in
without any issues.
Conclusion (or assumption, if you will): there seem to be some major
incompatibility issues between PuTTY and FreeBSD 6.2's bundled SSH version.
Of course it is easy enough to use a different client at home, it's just
that when abroad and wanting to check the machine, it is handy to
quickly download PuTTY.exe and have a quick check without having to
install a complete program...
Oh well, at least it works now, and I know the box was (and still is)
configured correctly, and I have found a good work-around (i.e. using a
better SSH client than PuTTY).
Cheers, and thanks for baring with me,
Olafo
More information about the freebsd-questions
mailing list