Chris Majewski wrote: > > This part: > > "debug: RSA authentication using agent refused." > > looks bad. However, the fact that you enabled "PermitEmptyPasswords" > in your sshd suggests that you should still be able to login. Maybe > your ssh client can't deal with the empty password?
Unlikely, because when I try to login into my old slink machine with an empty password, I get the following: $ ssh -l viktor bart-ad -v SSH Version OpenSSH-1.2.3, protocol version 1.5. Compiled with SSL. debug: Reading configuration data /home/viktor/.ssh/config debug: Applying options for * debug: Reading configuration data /etc/ssh/ssh_config debug: Applying options for * debug: ssh_connect: getuid 1000 geteuid 1000 anon 1 debug: Connecting to bart-ad [192.168.0.28] port 22. debug: Connection established. debug: Remote protocol version 1.5, remote software version 1.2.26 debug: Waiting for server public key. debug: Received server public key (768 bits) and host key (1024 bits). debug: Host 'bart-ad' is known and matches the host key. debug: Encryption type: 3des debug: Sent encrypted session key. debug: Installing crc compensation attack detector. debug: Received encrypted confirmation. debug: Remote: Login permitted without a password because the account has no password. debug: Requesting compression at level 6. debug: Enabling compression at level 6. debug: Requesting pty. debug: Requesting X11 forwarding with authentication spoofing. debug: Requesting shell. debug: Entering interactive session. See the "debug: Login permitted without a password because the account has no password"? I would expect to see a similar message. > Do your ssh and sshd versions match? I have a slink machine with sshd 1.2.26 and a woody machine with sshd version OpenSSH-1.2.3 and ssh version OpenSSH-1.2.3. All login attempts are made from the woody machine (OpenSSH). Connects to the old ssh daemon on the slink machine work, connects to the matching OpenSSH daemon on the woody machine work not. > If you have the files under ~/.ssh/ set up properly, you shouldn't > even be prompted for the password -- a passphrase, maybe. Exactly. That's the behavior I want to achieve. Viktor -- Viktor Rosenfeld WWW: http://www.informatik.hu-berlin.de/~rosenfel/ Geek Code (3.1): GCS/SS d-@ s+: a20 C++@ UL++$ P+ L+++ E--- W++ N++ o? K? !W O? M? V? PS++@ PE+(-) Y+ P?(+++) t+ 5+ X- R? !tv b+ DI+ D- G e>+++ h-- r- !y+
