Re: ssh & X11 Authentication Issue - Advice Please

To: debian-user@lists.debian.org
Subject: Re: ssh & X11 Authentication Issue - Advice Please
From: Cristian Gutierrez <crgutier@dcc.uchile.cl>
Date: Wed, 17 Dec 2003 20:58:06 -0300
Message-id: <[🔎] 87d6anq9o1.fsf@guti.no-ip.org>
Reply-to: crgutier@dcc.uchile.cl
In-reply-to: <[🔎] ac692490.0312170948.32e95d18@posting.google.com> (trevor@yarde.com's message of "17 Dec 2003 09:48:07 -0800")
References: <[🔎] ac692490.0312160939.73669251@posting.google.com> <[🔎] 8765gg9q57.fsf@guti.no-ip.org> <[🔎] ac692490.0312170948.32e95d18@posting.google.com>

Anonymous coward <trevor@yarde.com> writes:

>>Anonymous coward <trevor@yarde.com> writes: I have to admit that is
>>funny =)
>
>>I would first check /etc/ssh/sshd_config in `aspen', and see if
>>"ChallengeResponseAuthentication" is enabled.
>
>I made this change in my $home/.ssh/config file. If I am not mistake,
>I am fairly new to this ssh stuff, this would be my user config that
>would take presidence over my system wide settings.
>
>$home/.ssh/config
>ForwardAgent yes
>ForwardX11 yes
>ChallengeResponseAuthentication yes  <-- I just entered this - no
>noticable change

Hi there.

What I really meant was to check if ChallengeResponseAuthentication was
enabled in the _server_ config, usually /etc/ssh/sshd_config (note the
"d"). ~/.ssh/config is read only by your ssh client, on the machine
which starts the connection (and overrides /etc/ssh/ssh_config, IIRC).

If the server has it disabled, you can fiddle for ages with your user
settings without change ;-)

>Chris,
>I also made a change and added the 'PasswordAuthenticaton no', for
>testing. At this point I can get to the 1st server, but then I am
>denied access to the other servers. This has me thinking that maybe my
>keys are botched up a bit ? Maybe I need to start from scratch on
>setting this up.. or perhals simply add more keys..

I don't think so. If your setup was workin with server A but not with B,
I'll rather check:

- Vendor (SSH/OpenSSH) and version (2.x.y, 3.z.w, etc) of sshd in each
  server.
- ssh server config's differences between A and B; this includes
  * enabled authentication methods
  * SSH protocol version (1 and/or 2) enabled
- If possible, sshd's logs of connection attempts to A and B (note:
  server logs, you'll need superuser privileges for this)

>X11 forwarding is not the problem, this is for X... correct ?  the
>authentication issue.. that is bothering me is the password
>prompting..  That would be key related .. ??

Exactly. You can have (or not) X11 forwarding regardless of the
authentication method being used. Compression is (almost always) nice
also :-)

-- 
Cristian Gutierrez			http://www.dcc.uchile.cl/~crgutier
crgutier[@]dcc.uchile.cl                        Jabber:crgutier@jabber.org

"Profanity is the one language all programmers know best."

Reply to:

References:
- ssh & X11 Authentication Issue - Advice Please
  - From: trevor@yarde.com (Trev)
- Re: ssh & X11 Authentication Issue - Advice Please
  - From: Cristian Gutierrez <crgutier@dcc.uchile.cl>
- Re: ssh & X11 Authentication Issue - Advice Please
  - From: trevor@yarde.com (Trev)

Prev by Date: Re: HOWTO paste to dos
Next by Date: soundless in kazaa
Previous by thread: Re: ssh & X11 Authentication Issue - Advice Please
Next by thread: Re: ssh & X11 Authentication Issue - Advice Please
Index(es):
- Date
- Thread