Re: OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, 9 Jan 2015, grantksupport@xxxxxxxxxxxxx wrote:

| 			OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014

| I have configured for hostbased authentication
| 
| 	client ssh_config
| 		...
| 		PreferredAuthentications           hostbased,publickey
| 		HostbasedAuthentication            yes
| 		PubkeyAuthentication               yes
| 		PasswordAuthentication             no
| 		...
| 
| 	server sshd_config
| 		...
| 		AuthenticationMethods              hostbased,publickey
| 		HostbasedAuthentication            yes
| 		HostbasedUsesNameFromPacketOnly    yes
| 		PubkeyAuthentication               yes
| 		PasswordAuthentication             no
| 		...
| 
| on the server, because I'm not entirely sure where to put it yet
| 
| 	echo "client.DOMAIN.COM" > /etc/shosts.equiv
| 	echo "client.DOMAIN.COM" > /usr/local/etc/shosts.equiv

| What's wrong or missing in my config?

My ssh_config has
Host *
  HostbasedAuthentication yes
  EnableSSHKeysign yes
  NoHostAuthenticationForLocalhost yes

NoHostAuthenticationForLocalhost is not necessary.
The one you are missing is EnableSSHKeysign.

Additionally, you made no mention of your ssh_known_hosts files. Make
sure the client's public keys are in the server's ssh_known_hosts file.


-- 
Tim Rice				Multitalents
tim@xxxxxxxxxxxxxxxx


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux