Hi, folks,
I'd like to get host based ssh authentication working within
all the gentoo boxes on my home network. I've had no
success yet - I hope someone can enlighten me!
What I've done so far on the server side is:
set HostbasedAuthentication yes in sshd_config
set HostbasedAuthentication yes in ssh_config
added /etc/ssh/shosts.equiv containing names of client boxes
added /etc/ssh/ssh_known_hosts containing public host keys of
client boxes
Client boxes are configured similarly.
When I try to ssh from one box to another, I always get a request
for a password, which is what I'm trying to avoid.
Below is an excerpt from an attempt to ssh from one box to another
while requesting the maximum amount of debugging info. It looks
like ssh is trying to use host based authentication, but for some
reason it fails. I'd appreciate any ideas about what might be
going wrong.
John Blinka
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 5
debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 5
debug1: Host 'tobey' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts:5
debug2: bits set: 469/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /root/.ssh/identity ((nil))
debug2: key: /root/.ssh/id_rsa (0x8095528)
debug2: key: /root/.ssh/id_dsa (0x80964c0)
debug1: Authentications that can continue:
publickey,keyboard-interactive,hostbased
debug3: start over, passed a different list
publickey,keyboard-interactive,hostbased
debug3: preferred hostbased,publickey,keyboard-interactive,password
debug3: authmethod_lookup hostbased
debug3: remaining preferred: publickey,keyboard-interactive,password
debug3: authmethod_is_enabled hostbased
debug1: Next authentication method: hostbased
debug2: userauth_hostbased: chost lotus.bluebar.org.
debug2: we sent a hostbased packet, wait for reply
debug1: Authentications that can continue:
publickey,keyboard-interactive,hostbased
debug2: userauth_hostbased: chost lotus.bluebar.org.
debug2: we sent a hostbased packet, wait for reply
debug1: Authentications that can continue:
publickey,keyboard-interactive,hostbased
debug1: No more client hostkeys for hostbased authentication.
debug2: we did not send a packet, disable method
--
gentoo-user@gentoo.org mailing list
