Re: OpenSSH_6.7p1 hostbased authentication failing on linux->linux connection. what's wrong with my config?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



On Fri, 9 Jan 2015, grantksupport@xxxxxxxxxxxxx wrote:

| @client
| 
| as root (as before)
| 
| 	ssh server.DOMAIN.COM
| 		Permission denied (hostbased).
| 
| instead, as my user, fails differently for some reason,
| 
| 	ssh server.DOMAIN.COM
| 		...
| 		no matching hostkey found for key ED25519 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
| 		ssh_keysign: no reply
| 		key_sign failed
| 		Permission denied (hostbased).

I use hostbased auth here extensively and have for years. On my machines
here, hostbased does not work as root but does as a regular user.

Another thing that has not been mentioned in the thread so far is the
need for properly configured DNS when using hostbased.

If you nslookup the client does it show a single IP?
If you nslookup the IP, does it return the client name?
Does the name and IP match what is in ssh_known_hosts on the server?
Does the client's entry in the server's ssh_known_hosts file have both
the hostname and the FQDN?

If you nslookup the server does it show a single IP?
If you nslookup the IP, does it return the server name?


-- 
Tim Rice				Multitalents
tim@xxxxxxxxxxxxxxxx


_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev



[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux