I'm running openssh-3.1p1-6 on RedHat 7.2. I have the following options in my sshd_config:
RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # RSAAuthentication yes # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no So, as configured, I should only be allowed to login in if I have a public key from the remote host in the $HOME/.ssh/authorized_keys2 file on this computer. Well, this was working as configured until I played with WiredX (http://www.wiredx.net) and their JCTerm program. Somehow, using the JCTerm, my sshd allowed password authentication to pass through. I then tried connecting from another remote host, and I was allowed in with password from there as well. I restarted sshd, and now it seems to be working properly again. Here's my /var/log/secure log: Mar 18 15:59:29 myhost sshd[19560]: Accepted publickey for jsu2 from 10.1.208.246 port 38037 ssh2 Mar 19 12:56:56 myhost sshd[12774]: Accepted publickey for jsu2 from 10.1.208.246 port 41440 ssh2 Mar 19 16:50:41 myhost sshd[3136]: Accepted publickey for jsu2 from 10.1.208.246 port 49428 ssh2 Mar 19 17:00:05 myhost sshd[4152]: Accepted publickey for jsu2 from 10.1.208.246 port 51405 ssh2 Mar 20 14:14:50 myhost sshd[31225]: Failed password for jsu2 from 10.1.209.219 port 1401 ssh2 This should not have happened: Mar 20 14:15:55 myhost sshd[31225]: Accepted password for jsu2 from 10.1.209.219 port 1401 ssh2 ^^^^^^^^^^^^^^^^^ Mar 20 14:30:59 myhost sshd[580]: Accepted publickey for jsu2 from 10.1.208.246 port 35165 ssh2 Mar 20 14:31:46 myhost sshd[745]: Failed keyboard-interactive for jsu2 from 10.1.212.139 port 3247 ssh2 This also should not have happened: Mar 20 14:31:50 myhost sshd[745]: Accepted password for jsu2 from 10.1.212.139 port 3247 ssh2 ^^^^^^^^^^^^^^^^^ I restarted: Mar 20 14:34:53 myhost sshd[26590]: Received signal 15; terminating. Mar 20 14:34:55 myhost sshd[1231]: Server listening on 0.0.0.0 port 22. And it started working properly again: Mar 20 14:35:18 myhost sshd[1236]: Failed keyboard-interactive for jsu2 from 10.1.212.139 port 3248 ssh2 Mar 20 14:35:18 myhost sshd[1236]: Connection closed by 10.1.212.139 Mar 20 14:35:43 myhost sshd[1303]: Failed keyboard-interactive for jsu2 from 10.1.212.139 port 3249 ssh2 Mar 20 14:35:43 myhost sshd[1303]: Connection closed by 10.1.212.139 Mar 20 14:37:11 myhost sshd[1433]: Failed password for jsu2 from 10.1.209.219 port 3774 ssh2 Mar 20 14:37:21 myhost sshd[1433]: Connection closed by 10.1.209.219 -- Jiann-Ming Su [EMAIL PROTECTED] 404-712-2603 Development Team Systems Administrator General Libraries Systems Division -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://listman.redhat.com/mailman/listinfo/redhat-list
