Strange SFTP and PAM failure
matthew at FreeBSD.org
Thu Aug 20 21:30:28 UTC 2015
On 20/08/2015 21:50, Jaime Kikpole wrote:
> When I tried to make one of these failed connections, I saw this in
> Aug 20 16:37:48 apps sshd: error: PAM: authentication error for
> <<username>> from <<IP of PowerSchool>>
> Aug 20 16:37:48 apps sshd: error: Received disconnect from <<IP
> of PowerSchool>>: 3: com.jcraft.jsch.JSchException: Auth cancel
> Any idea what might be causing this?
Do you know what JDK is being used? IIRC OpenJDK-7 doesn't provide all
the up to date and still considered secure ciphers. OpenJDK-8 might
work better for you. So, for instance if you look at
and scroll down to the section showing browser compatibility, you'll see
Java 6 and Java 7 won't work. Now, SSH connections do not use TLS per
se, but the principle is the same: disabling the older, less secure
ciphers can result in older clients being locked out.
There's some interesting discussion on
https://stribika.github.io/2015/01/04/secure-secure-shell.html about why
you might want to do that and how to maximize your security. Note:
blindly following the changes given in that blog posting probably *will*
*not* help with your problem -- quite the reverse in fact. It's
relevant here solely because of the explanations about what ciphers can
still be trusted.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 957 bytes
Desc: OpenPGP digital signature
More information about the freebsd-questions