 |
 |
Hello, Thanks for the reply. I don't know if you had my previous message where I mentioned that my tests (GSS and SSH) where succesful only once each. and now I have issues trying to reproduce them. So I encounter problems performing the commands you suggested. Did you mean port 22 or 222 ? and I guess that I have to specify the port in the second command, right ? So, what I got is: /usr/sbin/sshd -d -d -d -p 222& debug2: load_server_config: done config len = 735 debug2: parse_server_config: config /etc/ssh/sshd_config len 735 debug3: /etc/ssh/sshd_config:5 setting Port 22 debug3: /etc/ssh/sshd_config:9 setting Protocol 2 debug3: /etc/ssh/sshd_config:11 setting HostKey /etc/ssh/ssh_host_rsa_key debug3: /etc/ssh/sshd_config:12 setting HostKey /etc/ssh/ssh_host_dsa_key debug3: /etc/ssh/sshd_config:13 setting HostKey /etc/ssh/ssh_host_ecdsa_key debug3: /etc/ssh/sshd_config:15 setting UsePrivilegeSeparation no debug3: /etc/ssh/sshd_config:18 setting KeyRegenerationInterval 3600 debug3: /etc/ssh/sshd_config:19 setting ServerKeyBits 768 debug3: /etc/ssh/sshd_config:22 setting SyslogFacility AUTH debug3: /etc/ssh/sshd_config:23 setting LogLevel INFO debug3: /etc/ssh/sshd_config:26 setting LoginGraceTime 120 debug3: /etc/ssh/sshd_config:27 setting PermitRootLogin yes debug3: /etc/ssh/sshd_config:28 setting StrictModes yes debug3: /etc/ssh/sshd_config:30 setting RSAAuthentication yes debug3: /etc/ssh/sshd_config:31 setting PubkeyAuthentication yes debug3: /etc/ssh/sshd_config:35 setting IgnoreRhosts yes debug3: /etc/ssh/sshd_config:37 setting RhostsRSAAuthentication no debug3: /etc/ssh/sshd_config:39 setting HostbasedAuthentication no debug3: /etc/ssh/sshd_config:44 setting PermitEmptyPasswords no debug3: /etc/ssh/sshd_config:48 setting ChallengeResponseAuthentication no debug3: /etc/ssh/sshd_config:60 setting GSSAPIAuthentication yes debug3: /etc/ssh/sshd_config:61 setting GSSAPIStrictAcceptorCheck no debug3: /etc/ssh/sshd_config:64 setting X11Forwarding yes debug3: /etc/ssh/sshd_config:65 setting X11DisplayOffset 10 debug3: /etc/ssh/sshd_config:66 setting PrintMotd no debug3: /etc/ssh/sshd_config:67 setting PrintLastLog yes debug3: /etc/ssh/sshd_config:68 setting TCPKeepAlive yes debug3: /etc/ssh/sshd_config:75 setting AcceptEnv LANG LC_* debug3: /etc/ssh/sshd_config:77 setting Subsystem sftp /usr/lib/openssh/sftp-server debug3: /etc/ssh/sshd_config:88 setting UsePAM yes debug1: sshd version OpenSSH_5.9p1 Debian-5+moonshot5 debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type RSA debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: private host key: #0 type 1 RSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type DSA debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024 debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024 debug1: private host key: #1 type 2 DSA debug3: Incorrect RSA1 identifier debug1: read PEM private key done: type ECDSA debug1: Checking blacklist file /usr/share/ssh/blacklist.ECDSA-256 debug1: Checking blacklist file /etc/ssh/blacklist.ECDSA-256 debug1: private host key: #2 type 3 ECDSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-d' debug1: rexec_argv[2]='-d' debug1: rexec_argv[3]='-d' debug1: rexec_argv[4]='-p' debug1: rexec_argv[5]='22' debug3: oom_adjust_setup Set /proc/self/oom_score_adj from 0 to -1000 debug2: fd 3 setting O_NONBLOCK debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug2: fd 4 setting O_NONBLOCK debug3: sock_set_v6only: set socket 4 IPV6_V6ONLY debug1: Bind to port 22 on ::. Server listening on :: port 22. *And for the second command :**ssh [log in to unmask]* (I removed the "-p" option because it's not working with or without the port explicitly mentioned) debug3: fd 5 is not O_NONBLOCK debug1: Server will not fork when running in debugging mode. debug3: send_rexec_state: entering fd = 8 config len 735 debug3: ssh_msg_send: type 0 debug3: send_rexec_state: done debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 debug1: inetd sockets after dupping: 3, 3 Connection from 127.0.0.1 port 39635 debug1: Client protocol version 2.0; client software version OpenSSH_5.9p1 Debian-5+moonshot5 debug1: match: OpenSSH_5.9p1 Debian-5+moonshot5 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9p1 Debian-5+moonshot5 debug2: fd 3 setting O_NONBLOCK debug1: list_hostkey_types: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256 debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[log in to unmask] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[log in to unmask] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[log in to unmask],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[log in to unmask],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[log in to unmask],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[log in to unmask],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[log in to unmask] debug2: kex_parse_kexinit: none,[log in to unmask] debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: [log in to unmask],[log in to unmask],[log in to unmask],ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,[log in to unmask],[log in to unmask],[log in to unmask],[log in to unmask],ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[log in to unmask] debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,[log in to unmask] debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[log in to unmask],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[log in to unmask],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,[log in to unmask],hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,[log in to unmask],hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,[log in to unmask],zlib debug2: kex_parse_kexinit: none,[log in to unmask],zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug1: expecting SSH2_MSG_KEX_ECDH_INIT debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user moonshot service ssh-connection method none debug1: attempt 0 failures 0 debug3: Trying to reverse map address 127.0.0.1. debug2: parse_server_config: config reprocess config len 735 debug2: input_userauth_request: setting up authctxt for moonshot debug1: PAM: initializing for "moonshot" debug1: PAM: setting PAM_RHOST to "localhost" debug1: PAM: setting PAM_TTY to "ssh" debug2: input_userauth_request: try method none Failed none for moonshot from 127.0.0.1 port 39635 ssh2 debug1: userauth-request for user moonshot service ssh-connection method gssapi-with-mic debug1: attempt 1 failures 0 debug2: input_userauth_request: try method gssapi-with-mic Postponed gssapi-with-mic for moonshot from 127.0.0.1 port 39635 ssh2 debug1: Got no client credentials CTRL-EVENT-EAP-STARTED EAP authentication started debug1: Unspecified GSS failure. Minor code may provide more information 8: 111 (Connexion refus\303\251e) (tcp.c:196) debug1: Got no client credentials Failed gssapi-with-mic for moonshot from 127.0.0.1 port 39635 ssh2 debug1: userauth-request for user moonshot service ssh-connection method gssapi-with-mic debug1: attempt 2 failures 1 debug2: input_userauth_request: try method gssapi-with-mic Postponed gssapi-with-mic for moonshot from 127.0.0.1 port 39635 ssh2 debug1: Got no client credentials CTRL-EVENT-EAP-STARTED EAP authentication started debug1: Unspecified GSS failure. Minor code may provide more information 9: 111 (Connexion refus\303\251e) (tcp.c:196) debug1: Got no client credentials Failed gssapi-with-mic for moonshot from 127.0.0.1 port 39635 ssh2 [log in to unmask] password: *So It stops on the password request...* Can you provide me with a new or suitable sshd_config file? I don't know if my system admin broke something while editing it. Thank you, Le 06/08/13 21:02, Sam Hartman a écrit : > please try something like > /usr/sbin/sshd -d -d -d -p 222& > ssh -p moonshot@<hostname> > -- *Mehdi HACHED* Services applicatifs aux utilisateurs Middleware services Tel : +33 2 23 23 69 38 Fax : +33 2 23 23 71 11 www.renater.fr <http;//www.renater.fr>