Am 23.12.2011 17:21, schrieb Daniel Bossert: > On 12/23/2011 05:11 PM, Reindl Harald wrote: >> Am 23.12.2011 17:07, schrieb Daniel Bossert: >>> # Change to no to disable s/key passwords >>> #ChallengeResponseAuthentication yes >>> ChallengeResponseAuthentication no >> so why are you doing this if you want password-login? > I know I had e mess... I changed to yes; even though it isn't working... well, i read from top to post and stop after the first error Dec 23 17:01:59 merkur sshd[9744]: error: Could not get shadow information for daniel privude output of the follwoing commands: cat /etc/shadow | grep daniel cat /etc/passwd | grep daniel stat /etc/shadow stat /etc/passwd ______________________________________________ for ssh permissions are very important if they are messed up and too open it refuses /etc/passwd Zugriff: (0644/-rw-r--r--) /etc/shadow Zugriff: (0400/-r--------) ______________________________________________ however - this is a working sshd-config with password AND key-authentication, root allowed only with key and copied from a production server changed to your username in the allowed list this is a CLEANED configuration without millions of comments and nor random values by default Port 22 Protocol 2 AddressFamily inet ListenAddress 0.0.0.0 SyslogFacility AUTHPRIV PasswordAuthentication yes ChallengeResponseAuthentication yes GSSAPIAuthentication no GSSAPICleanupCredentials no X11Forwarding no RSAAuthentication yes PubkeyAuthentication yes PermitEmptyPasswords no PermitRootLogin without-password AllowGroups root users AllowUsers root daniel IgnoreRhosts yes HostbasedAuthentication no RhostsRSAAuthentication no StrictModes yes UseDNS no AllowTcpForwarding no TCPKeepAlive yes KeepAlive yes ClientAliveCountMax 10 ClientAliveInterval 20 UsePrivilegeSeparation yes Compression yes UsePAM yes LoginGraceTime 45 MaxAuthTries 5 MaxStartups 25 AuthorizedKeysFile .ssh/authorized_keys AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT AcceptEnv LC_IDENTIFICATION LC_ALL Subsystem sftp internal-sftp
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org