+ Reply to Thread
Page 1 of 2 1 2 LastLast
Results 1 to 10 of 15

Permission denied (publickey,keyboard-interactive).

  1. Permission denied (publickey,keyboard-interactive).

    authenticating an user with ssh on AIX 5.3 64 bit machine.
    configured with openssl-0.98e,openssh-4.5P1.(ALL from source file not
    rpm package).

    for eg) say
    ssh -l hi 192.16.146.78
    gives me this error
    Permission denied (publickey,keyboard-interactive).

    can any one provide a solution to this problem.


  2. Re: Permission denied (publickey,keyboard-interactive).

    Hi,

    It is always a good idea to start a second sshd on the server
    of course in Debugmode on an other port, not as daemon, like

    sshd -D -p22000 -d (-d -d as much as you like)

    then do a ssh -v -p22000 on the client

    now there should be enough Information to splve the problem.

    regards

    Volker



    schrieb im Newsbeitrag
    news:1178823450.564954.35830@y80g2000hsf.googlegroups.com...
    > authenticating an user with ssh on AIX 5.3 64 bit machine.
    > configured with openssl-0.98e,openssh-4.5P1.(ALL from source file not
    > rpm package).
    >
    > for eg) say
    > ssh -l hi 192.16.146.78
    > gives me this error
    > Permission denied (publickey,keyboard-interactive).
    >
    > can any one provide a solution to this problem.
    >




  3. Re: Permission denied (publickey,keyboard-interactive).

    Hi,

    It is always a good idea to start a second sshd on the server
    of course in Debugmode on an other port, not as daemon, like

    sshd -D -p22000 -d (-d -d as much as you like)

    then do a ssh -v -p22000 on the client

    now there should be enough Information to splve the problem.

    regards

    Volker



    schrieb im Newsbeitrag
    news:1178823450.564954.35830@y80g2000hsf.googlegroups.com...
    > authenticating an user with ssh on AIX 5.3 64 bit machine.
    > configured with openssl-0.98e,openssh-4.5P1.(ALL from source file not
    > rpm package).
    >
    > for eg) say
    > ssh -l hi 192.16.146.78
    > gives me this error
    > Permission denied (publickey,keyboard-interactive).
    >
    > can any one provide a solution to this problem.
    >




  4. Re: Permission denied (publickey,keyboard-interactive).

    Volker,
    Thanks for your help.

    I have attached here with the logs (degug mode).
    I am not able to fix the problem.
    Kindly help to solve this problem.

    bash-3.00# /usr/sbin/sshd -D -p19879 -ddd
    debug2: load_server_config: filename /usr/etc/sshd_config
    debug2: load_server_config: done config len = 281
    debug2: parse_server_config: config /usr/etc/sshd_config len 281
    debug3: /usr/etc/sshd_config:22 setting HostKey /usr/etc/
    ssh_host_rsa_key
    debug3: /usr/etc/sshd_config:23 setting HostKey /usr/etc/
    ssh_host_dsa_key
    debug3: /usr/etc/sshd_config:57 setting PasswordAuthentication no
    debug3: /usr/etc/sshd_config:83 setting UsePAM yes
    debug3: /usr/etc/sshd_config:95 setting UsePrivilegeSeparation no
    debug3: /usr/etc/sshd_config:109 setting Subsystem sftp /usr/libexec/
    sftp-server
    debug1: sshd version OpenSSH_4.5p1
    debug3: Not a RSA1 key file /usr/etc/ssh_host_rsa_key.
    debug1: read PEM private key done: type RSA
    debug1: private host key: #0 type 1 RSA
    debug3: Not a RSA1 key file /usr/etc/ssh_host_dsa_key.
    debug1: read PEM private key done: type DSA
    debug1: private host key: #1 type 2 DSA
    Disabling protocol version 1. Could not load host key
    debug1: rexec_argv[0]='/usr/sbin/sshd'
    debug1: rexec_argv[1]='-D'
    debug1: rexec_argv[2]='-p19879'
    debug1: rexec_argv[3]='-ddd'
    debug2: fd 3 setting O_NONBLOCK
    debug1: Bind to port 19879 on 0.0.0.0.
    Server listening on 0.0.0.0 port 19879.
    debug2: fd 4 setting O_NONBLOCK
    debug1: Bind to port 19879 on ::.
    Bind to port 19879 on :: failed: Address already in use.
    debug1: fd 4 clearing O_NONBLOCK
    debug1: Server will not fork when running in debugging mode.
    debug3: send_rexec_state: entering fd = 7 config len 281
    debug3: ssh_msg_send: type 0
    debug3: send_rexec_state: done
    debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
    debug1: inetd sockets after dupping: 3, 3
    Connection from 172.16.146.210 port 32847
    debug1: Client protocol version 2.0; client software version
    OpenSSH_4.5
    debug1: match: OpenSSH_4.5 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.5
    debug2: fd 3 setting O_NONBLOCK
    debug1: list_hostkey_types: ssh-rsa,ssh-dss
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    hellman-g
    roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    hellman-g
    roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_init: found hmac-md5
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug2: mac_init: found hmac-md5
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
    debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
    debug2: dh_gen_key: priv key bits set: 130/256
    debug2: bits set: 509/1024
    debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
    debug2: bits set: 497/1024
    debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: KEX done
    debug1: userauth-request for user ji service ssh-connection method
    none
    debug1: attempt 0 failures 0
    debug3: Trying to reverse map address 172.16.146.210.
    debug2: parse_server_config: config reprocess config len 281
    debug3: AIX/loginrestrictions returned 0 msg (none)
    debug2: input_userauth_request: setting up authctxt for ji
    debug1: PAM: initializing for "ji"
    debug1: PAM: setting PAM_RHOST to "csm100.pam.com"
    debug2: input_userauth_request: try method none
    Failed none for ji from 172.16.146.210 port 32847 ssh2
    debug1: userauth-request for user ji service ssh-connection method
    publickey
    debug1: attempt 1 failures 1
    debug2: input_userauth_request: try method publickey
    debug1: test whether pkalg/pkblob are acceptable
    debug1: temporarily_use_uid: 204/0 (e=0/0)
    debug1: trying public key file /home/ji/.ssh/authorized_keys
    debug1: restore_uid: 0/0
    debug1: temporarily_use_uid: 204/0 (e=0/0)
    debug1: trying public key file /home/ji/.ssh/authorized_keys2
    debug1: restore_uid: 0/0
    debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
    Failed publickey for ji from 172.16.146.210 port 32847 ssh2
    debug1: userauth-request for user ji service ssh-connection method
    keyboard-inte
    ractive
    debug1: attempt 2 failures 2
    debug2: input_userauth_request: try method keyboard-interactive
    debug1: keyboard-interactive devs
    debug1: auth2_challenge: user=ji devs=
    debug1: kbdint_alloc: devices 'pam'
    debug2: auth2_challenge_start: devices pam
    debug2: kbdint_next_device: devices
    debug1: auth2_challenge_start: trying authentication method 'pam'
    debug3: PAM: sshpam_init_ctx entering
    debug3: PAM: sshpam_query entering
    debug3: ssh_msg_recv entering
    debug3: PAM: sshpam_thread_conv entering, 1 messages
    debug3: ssh_msg_send: type 1
    debug3: ssh_msg_recv entering
    Postponed keyboard-interactive for ji from 172.16.146.210 port 32847
    ssh2
    debug2: PAM: sshpam_respond entering, 1 responses
    debug3: ssh_msg_send: type 6
    debug3: PAM: sshpam_query entering
    debug3: ssh_msg_recv entering
    debug1: do_pam_account: called
    debug3: PAM: do_pam_account pam_acct_mgmt = 17 (User account has
    expired)
    debug3: ssh_msg_send: type 17
    debug3: PAM: User account has expired
    PAM: User account has expired for ji from csm100.pam.com
    debug2: auth2_challenge_start: devices
    debug3: PAM: sshpam_free_ctx entering
    debug3: PAM: sshpam_thread_cleanup entering
    Failed keyboard-interactive/pam for ji from 172.16.146.210 port 32847
    ssh2
    debug3: AIX/setauthdb set registry 'files'
    debug3: aix_restoreauthdb: restoring old registry ''
    debug1: userauth-request for user ji service ssh-connection method
    keyboard-inte
    ractive
    debug1: attempt 3 failures 3
    debug2: input_userauth_request: try method keyboard-interactive
    debug1: keyboard-interactive devs
    debug1: auth2_challenge: user=ji devs=
    debug1: kbdint_alloc: devices 'pam'
    debug2: auth2_challenge_start: devices pam
    debug2: kbdint_next_device: devices
    debug1: auth2_challenge_start: trying authentication method 'pam'
    debug3: PAM: sshpam_init_ctx entering
    Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    debug3: AIX/setauthdb set registry 'files'
    debug3: aix_restoreauthdb: restoring old registry ''
    debug1: userauth-request for user ji service ssh-connection method
    keyboard-inte
    ractive
    debug1: attempt 4 failures 4
    debug2: input_userauth_request: try method keyboard-interactive
    debug1: keyboard-interactive devs
    debug1: auth2_challenge: user=ji devs=
    debug1: kbdint_alloc: devices 'pam'
    debug2: auth2_challenge_start: devices pam
    debug2: kbdint_next_device: devices
    debug1: auth2_challenge_start: trying authentication method 'pam'
    debug3: PAM: sshpam_init_ctx entering
    Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    debug3: AIX/setauthdb set registry 'files'
    debug3: aix_restoreauthdb: restoring old registry ''
    Connection closed by 172.16.146.210
    debug1: do_cleanup
    bash-3.00#



  5. Re: Permission denied (publickey,keyboard-interactive).

    Volker,
    Thanks for your help.

    I have attached here with the logs (degug mode).
    I am not able to fix the problem.
    Kindly help to solve this problem.

    bash-3.00# /usr/sbin/sshd -D -p19879 -ddd
    debug2: load_server_config: filename /usr/etc/sshd_config
    debug2: load_server_config: done config len = 281
    debug2: parse_server_config: config /usr/etc/sshd_config len 281
    debug3: /usr/etc/sshd_config:22 setting HostKey /usr/etc/
    ssh_host_rsa_key
    debug3: /usr/etc/sshd_config:23 setting HostKey /usr/etc/
    ssh_host_dsa_key
    debug3: /usr/etc/sshd_config:57 setting PasswordAuthentication no
    debug3: /usr/etc/sshd_config:83 setting UsePAM yes
    debug3: /usr/etc/sshd_config:95 setting UsePrivilegeSeparation no
    debug3: /usr/etc/sshd_config:109 setting Subsystem sftp /usr/libexec/
    sftp-server
    debug1: sshd version OpenSSH_4.5p1
    debug3: Not a RSA1 key file /usr/etc/ssh_host_rsa_key.
    debug1: read PEM private key done: type RSA
    debug1: private host key: #0 type 1 RSA
    debug3: Not a RSA1 key file /usr/etc/ssh_host_dsa_key.
    debug1: read PEM private key done: type DSA
    debug1: private host key: #1 type 2 DSA
    Disabling protocol version 1. Could not load host key
    debug1: rexec_argv[0]='/usr/sbin/sshd'
    debug1: rexec_argv[1]='-D'
    debug1: rexec_argv[2]='-p19879'
    debug1: rexec_argv[3]='-ddd'
    debug2: fd 3 setting O_NONBLOCK
    debug1: Bind to port 19879 on 0.0.0.0.
    Server listening on 0.0.0.0 port 19879.
    debug2: fd 4 setting O_NONBLOCK
    debug1: Bind to port 19879 on ::.
    Bind to port 19879 on :: failed: Address already in use.
    debug1: fd 4 clearing O_NONBLOCK
    debug1: Server will not fork when running in debugging mode.
    debug3: send_rexec_state: entering fd = 7 config len 281
    debug3: ssh_msg_send: type 0
    debug3: send_rexec_state: done
    debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
    debug1: inetd sockets after dupping: 3, 3
    Connection from 172.16.146.210 port 32847
    debug1: Client protocol version 2.0; client software version
    OpenSSH_4.5
    debug1: match: OpenSSH_4.5 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_4.5
    debug2: fd 3 setting O_NONBLOCK
    debug1: list_hostkey_types: ssh-rsa,ssh-dss
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    hellman-g
    roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit: none,zlib@openssh.com
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    hellman-g
    roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    sha1
    debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    cbc,arcfour1
    28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    cbc@lysator.liu.se,aes128-c
    tr,aes192-ctr,aes256-ctr
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    ripemd160@open
    ssh.com,hmac-sha1-96,hmac-md5-96
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit:
    debug2: kex_parse_kexinit: first_kex_follows 0
    debug2: kex_parse_kexinit: reserved 0
    debug2: mac_init: found hmac-md5
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug2: mac_init: found hmac-md5
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
    debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
    debug2: dh_gen_key: priv key bits set: 130/256
    debug2: bits set: 509/1024
    debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
    debug2: bits set: 497/1024
    debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: KEX done
    debug1: userauth-request for user ji service ssh-connection method
    none
    debug1: attempt 0 failures 0
    debug3: Trying to reverse map address 172.16.146.210.
    debug2: parse_server_config: config reprocess config len 281
    debug3: AIX/loginrestrictions returned 0 msg (none)
    debug2: input_userauth_request: setting up authctxt for ji
    debug1: PAM: initializing for "ji"
    debug1: PAM: setting PAM_RHOST to "csm100.pam.com"
    debug2: input_userauth_request: try method none
    Failed none for ji from 172.16.146.210 port 32847 ssh2
    debug1: userauth-request for user ji service ssh-connection method
    publickey
    debug1: attempt 1 failures 1
    debug2: input_userauth_request: try method publickey
    debug1: test whether pkalg/pkblob are acceptable
    debug1: temporarily_use_uid: 204/0 (e=0/0)
    debug1: trying public key file /home/ji/.ssh/authorized_keys
    debug1: restore_uid: 0/0
    debug1: temporarily_use_uid: 204/0 (e=0/0)
    debug1: trying public key file /home/ji/.ssh/authorized_keys2
    debug1: restore_uid: 0/0
    debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
    Failed publickey for ji from 172.16.146.210 port 32847 ssh2
    debug1: userauth-request for user ji service ssh-connection method
    keyboard-inte
    ractive
    debug1: attempt 2 failures 2
    debug2: input_userauth_request: try method keyboard-interactive
    debug1: keyboard-interactive devs
    debug1: auth2_challenge: user=ji devs=
    debug1: kbdint_alloc: devices 'pam'
    debug2: auth2_challenge_start: devices pam
    debug2: kbdint_next_device: devices
    debug1: auth2_challenge_start: trying authentication method 'pam'
    debug3: PAM: sshpam_init_ctx entering
    debug3: PAM: sshpam_query entering
    debug3: ssh_msg_recv entering
    debug3: PAM: sshpam_thread_conv entering, 1 messages
    debug3: ssh_msg_send: type 1
    debug3: ssh_msg_recv entering
    Postponed keyboard-interactive for ji from 172.16.146.210 port 32847
    ssh2
    debug2: PAM: sshpam_respond entering, 1 responses
    debug3: ssh_msg_send: type 6
    debug3: PAM: sshpam_query entering
    debug3: ssh_msg_recv entering
    debug1: do_pam_account: called
    debug3: PAM: do_pam_account pam_acct_mgmt = 17 (User account has
    expired)
    debug3: ssh_msg_send: type 17
    debug3: PAM: User account has expired
    PAM: User account has expired for ji from csm100.pam.com
    debug2: auth2_challenge_start: devices
    debug3: PAM: sshpam_free_ctx entering
    debug3: PAM: sshpam_thread_cleanup entering
    Failed keyboard-interactive/pam for ji from 172.16.146.210 port 32847
    ssh2
    debug3: AIX/setauthdb set registry 'files'
    debug3: aix_restoreauthdb: restoring old registry ''
    debug1: userauth-request for user ji service ssh-connection method
    keyboard-inte
    ractive
    debug1: attempt 3 failures 3
    debug2: input_userauth_request: try method keyboard-interactive
    debug1: keyboard-interactive devs
    debug1: auth2_challenge: user=ji devs=
    debug1: kbdint_alloc: devices 'pam'
    debug2: auth2_challenge_start: devices pam
    debug2: kbdint_next_device: devices
    debug1: auth2_challenge_start: trying authentication method 'pam'
    debug3: PAM: sshpam_init_ctx entering
    Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    debug3: AIX/setauthdb set registry 'files'
    debug3: aix_restoreauthdb: restoring old registry ''
    debug1: userauth-request for user ji service ssh-connection method
    keyboard-inte
    ractive
    debug1: attempt 4 failures 4
    debug2: input_userauth_request: try method keyboard-interactive
    debug1: keyboard-interactive devs
    debug1: auth2_challenge: user=ji devs=
    debug1: kbdint_alloc: devices 'pam'
    debug2: auth2_challenge_start: devices pam
    debug2: kbdint_next_device: devices
    debug1: auth2_challenge_start: trying authentication method 'pam'
    debug3: PAM: sshpam_init_ctx entering
    Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    debug3: AIX/setauthdb set registry 'files'
    debug3: aix_restoreauthdb: restoring old registry ''
    Connection closed by 172.16.146.210
    debug1: do_cleanup
    bash-3.00#



  6. Re: Permission denied (publickey,keyboard-interactive).

    Hi,

    > usr/etc/sshd_config:57 setting PasswordAuthentication no


    looks a little strange.
    How do you want to login?
    With a public key?
    If you want to login with password set it to "yes"
    Try this at first

    If you use PAM, what kind of Authentication do you want to use?

    > debug3: PAM: do_pam_account pam_acct_mgmt = 17 (User account has
    > expired)
    > debug3: ssh_msg_send: type 17
    > debug3: PAM: User account has expired
    > PAM: User account has expired for ji from csm100.pam.com


    seems like your Account has expired??

    hth

    regards

    volker

    schrieb im Newsbeitrag
    news:1178905205.885549.55360@o5g2000hsb.googlegroups.com...
    > Volker,
    > Thanks for your help.
    >
    > I have attached here with the logs (degug mode).
    > I am not able to fix the problem.
    > Kindly help to solve this problem.
    >
    > bash-3.00# /usr/sbin/sshd -D -p19879 -ddd
    > debug2: load_server_config: filename /usr/etc/sshd_config
    > debug2: load_server_config: done config len = 281
    > debug2: parse_server_config: config /usr/etc/sshd_config len 281
    > debug3: /usr/etc/sshd_config:22 setting HostKey /usr/etc/
    > ssh_host_rsa_key
    > debug3: /usr/etc/sshd_config:23 setting HostKey /usr/etc/
    > ssh_host_dsa_key
    > debug3: /usr/etc/sshd_config:57 setting PasswordAuthentication no
    > debug3: /usr/etc/sshd_config:83 setting UsePAM yes
    > debug3: /usr/etc/sshd_config:95 setting UsePrivilegeSeparation no
    > debug3: /usr/etc/sshd_config:109 setting Subsystem sftp /usr/libexec/
    > sftp-server
    > debug1: sshd version OpenSSH_4.5p1
    > debug3: Not a RSA1 key file /usr/etc/ssh_host_rsa_key.
    > debug1: read PEM private key done: type RSA
    > debug1: private host key: #0 type 1 RSA
    > debug3: Not a RSA1 key file /usr/etc/ssh_host_dsa_key.
    > debug1: read PEM private key done: type DSA
    > debug1: private host key: #1 type 2 DSA
    > Disabling protocol version 1. Could not load host key
    > debug1: rexec_argv[0]='/usr/sbin/sshd'
    > debug1: rexec_argv[1]='-D'
    > debug1: rexec_argv[2]='-p19879'
    > debug1: rexec_argv[3]='-ddd'
    > debug2: fd 3 setting O_NONBLOCK
    > debug1: Bind to port 19879 on 0.0.0.0.
    > Server listening on 0.0.0.0 port 19879.
    > debug2: fd 4 setting O_NONBLOCK
    > debug1: Bind to port 19879 on ::.
    > Bind to port 19879 on :: failed: Address already in use.
    > debug1: fd 4 clearing O_NONBLOCK
    > debug1: Server will not fork when running in debugging mode.
    > debug3: send_rexec_state: entering fd = 7 config len 281
    > debug3: ssh_msg_send: type 0
    > debug3: send_rexec_state: done
    > debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
    > debug1: inetd sockets after dupping: 3, 3
    > Connection from 172.16.146.210 port 32847
    > debug1: Client protocol version 2.0; client software version
    > OpenSSH_4.5
    > debug1: match: OpenSSH_4.5 pat OpenSSH*
    > debug1: Enabling compatibility mode for protocol 2.0
    > debug1: Local version string SSH-2.0-OpenSSH_4.5
    > debug2: fd 3 setting O_NONBLOCK
    > debug1: list_hostkey_types: ssh-rsa,ssh-dss
    > debug1: SSH2_MSG_KEXINIT sent
    > debug1: SSH2_MSG_KEXINIT received
    > debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    > hellman-g
    > roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    > sha1
    > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: none,zlib@openssh.com
    > debug2: kex_parse_kexinit: none,zlib@openssh.com
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit: first_kex_follows 0
    > debug2: kex_parse_kexinit: reserved 0
    > debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    > hellman-g
    > roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    > sha1
    > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    > debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit: first_kex_follows 0
    > debug2: kex_parse_kexinit: reserved 0
    > debug2: mac_init: found hmac-md5
    > debug1: kex: client->server aes128-cbc hmac-md5 none
    > debug2: mac_init: found hmac-md5
    > debug1: kex: server->client aes128-cbc hmac-md5 none
    > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
    > debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
    > debug2: dh_gen_key: priv key bits set: 130/256
    > debug2: bits set: 509/1024
    > debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
    > debug2: bits set: 497/1024
    > debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
    > debug2: kex_derive_keys
    > debug2: set_newkeys: mode 1
    > debug1: SSH2_MSG_NEWKEYS sent
    > debug1: expecting SSH2_MSG_NEWKEYS
    > debug2: set_newkeys: mode 0
    > debug1: SSH2_MSG_NEWKEYS received
    > debug1: KEX done
    > debug1: userauth-request for user ji service ssh-connection method
    > none
    > debug1: attempt 0 failures 0
    > debug3: Trying to reverse map address 172.16.146.210.
    > debug2: parse_server_config: config reprocess config len 281
    > debug3: AIX/loginrestrictions returned 0 msg (none)
    > debug2: input_userauth_request: setting up authctxt for ji
    > debug1: PAM: initializing for "ji"
    > debug1: PAM: setting PAM_RHOST to "csm100.pam.com"
    > debug2: input_userauth_request: try method none
    > Failed none for ji from 172.16.146.210 port 32847 ssh2
    > debug1: userauth-request for user ji service ssh-connection method
    > publickey
    > debug1: attempt 1 failures 1
    > debug2: input_userauth_request: try method publickey
    > debug1: test whether pkalg/pkblob are acceptable
    > debug1: temporarily_use_uid: 204/0 (e=0/0)
    > debug1: trying public key file /home/ji/.ssh/authorized_keys
    > debug1: restore_uid: 0/0
    > debug1: temporarily_use_uid: 204/0 (e=0/0)
    > debug1: trying public key file /home/ji/.ssh/authorized_keys2
    > debug1: restore_uid: 0/0
    > debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
    > Failed publickey for ji from 172.16.146.210 port 32847 ssh2
    > debug1: userauth-request for user ji service ssh-connection method
    > keyboard-inte
    > ractive
    > debug1: attempt 2 failures 2
    > debug2: input_userauth_request: try method keyboard-interactive
    > debug1: keyboard-interactive devs
    > debug1: auth2_challenge: user=ji devs=
    > debug1: kbdint_alloc: devices 'pam'
    > debug2: auth2_challenge_start: devices pam
    > debug2: kbdint_next_device: devices
    > debug1: auth2_challenge_start: trying authentication method 'pam'
    > debug3: PAM: sshpam_init_ctx entering
    > debug3: PAM: sshpam_query entering
    > debug3: ssh_msg_recv entering
    > debug3: PAM: sshpam_thread_conv entering, 1 messages
    > debug3: ssh_msg_send: type 1
    > debug3: ssh_msg_recv entering
    > Postponed keyboard-interactive for ji from 172.16.146.210 port 32847
    > ssh2
    > debug2: PAM: sshpam_respond entering, 1 responses
    > debug3: ssh_msg_send: type 6
    > debug3: PAM: sshpam_query entering
    > debug3: ssh_msg_recv entering
    > debug1: do_pam_account: called
    > debug3: PAM: do_pam_account pam_acct_mgmt = 17 (User account has
    > expired)
    > debug3: ssh_msg_send: type 17
    > debug3: PAM: User account has expired
    > PAM: User account has expired for ji from csm100.pam.com
    > debug2: auth2_challenge_start: devices
    > debug3: PAM: sshpam_free_ctx entering
    > debug3: PAM: sshpam_thread_cleanup entering
    > Failed keyboard-interactive/pam for ji from 172.16.146.210 port 32847
    > ssh2
    > debug3: AIX/setauthdb set registry 'files'
    > debug3: aix_restoreauthdb: restoring old registry ''
    > debug1: userauth-request for user ji service ssh-connection method
    > keyboard-inte
    > ractive
    > debug1: attempt 3 failures 3
    > debug2: input_userauth_request: try method keyboard-interactive
    > debug1: keyboard-interactive devs
    > debug1: auth2_challenge: user=ji devs=
    > debug1: kbdint_alloc: devices 'pam'
    > debug2: auth2_challenge_start: devices pam
    > debug2: kbdint_next_device: devices
    > debug1: auth2_challenge_start: trying authentication method 'pam'
    > debug3: PAM: sshpam_init_ctx entering
    > Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    > debug3: AIX/setauthdb set registry 'files'
    > debug3: aix_restoreauthdb: restoring old registry ''
    > debug1: userauth-request for user ji service ssh-connection method
    > keyboard-inte
    > ractive
    > debug1: attempt 4 failures 4
    > debug2: input_userauth_request: try method keyboard-interactive
    > debug1: keyboard-interactive devs
    > debug1: auth2_challenge: user=ji devs=
    > debug1: kbdint_alloc: devices 'pam'
    > debug2: auth2_challenge_start: devices pam
    > debug2: kbdint_next_device: devices
    > debug1: auth2_challenge_start: trying authentication method 'pam'
    > debug3: PAM: sshpam_init_ctx entering
    > Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    > debug3: AIX/setauthdb set registry 'files'
    > debug3: aix_restoreauthdb: restoring old registry ''
    > Connection closed by 172.16.146.210
    > debug1: do_cleanup
    > bash-3.00#
    >
    >




  7. Re: Permission denied (publickey,keyboard-interactive).

    Hi,

    > usr/etc/sshd_config:57 setting PasswordAuthentication no


    looks a little strange.
    How do you want to login?
    With a public key?
    If you want to login with password set it to "yes"
    Try this at first

    If you use PAM, what kind of Authentication do you want to use?

    > debug3: PAM: do_pam_account pam_acct_mgmt = 17 (User account has
    > expired)
    > debug3: ssh_msg_send: type 17
    > debug3: PAM: User account has expired
    > PAM: User account has expired for ji from csm100.pam.com


    seems like your Account has expired??

    hth

    regards

    volker

    schrieb im Newsbeitrag
    news:1178905205.885549.55360@o5g2000hsb.googlegroups.com...
    > Volker,
    > Thanks for your help.
    >
    > I have attached here with the logs (degug mode).
    > I am not able to fix the problem.
    > Kindly help to solve this problem.
    >
    > bash-3.00# /usr/sbin/sshd -D -p19879 -ddd
    > debug2: load_server_config: filename /usr/etc/sshd_config
    > debug2: load_server_config: done config len = 281
    > debug2: parse_server_config: config /usr/etc/sshd_config len 281
    > debug3: /usr/etc/sshd_config:22 setting HostKey /usr/etc/
    > ssh_host_rsa_key
    > debug3: /usr/etc/sshd_config:23 setting HostKey /usr/etc/
    > ssh_host_dsa_key
    > debug3: /usr/etc/sshd_config:57 setting PasswordAuthentication no
    > debug3: /usr/etc/sshd_config:83 setting UsePAM yes
    > debug3: /usr/etc/sshd_config:95 setting UsePrivilegeSeparation no
    > debug3: /usr/etc/sshd_config:109 setting Subsystem sftp /usr/libexec/
    > sftp-server
    > debug1: sshd version OpenSSH_4.5p1
    > debug3: Not a RSA1 key file /usr/etc/ssh_host_rsa_key.
    > debug1: read PEM private key done: type RSA
    > debug1: private host key: #0 type 1 RSA
    > debug3: Not a RSA1 key file /usr/etc/ssh_host_dsa_key.
    > debug1: read PEM private key done: type DSA
    > debug1: private host key: #1 type 2 DSA
    > Disabling protocol version 1. Could not load host key
    > debug1: rexec_argv[0]='/usr/sbin/sshd'
    > debug1: rexec_argv[1]='-D'
    > debug1: rexec_argv[2]='-p19879'
    > debug1: rexec_argv[3]='-ddd'
    > debug2: fd 3 setting O_NONBLOCK
    > debug1: Bind to port 19879 on 0.0.0.0.
    > Server listening on 0.0.0.0 port 19879.
    > debug2: fd 4 setting O_NONBLOCK
    > debug1: Bind to port 19879 on ::.
    > Bind to port 19879 on :: failed: Address already in use.
    > debug1: fd 4 clearing O_NONBLOCK
    > debug1: Server will not fork when running in debugging mode.
    > debug3: send_rexec_state: entering fd = 7 config len 281
    > debug3: ssh_msg_send: type 0
    > debug3: send_rexec_state: done
    > debug1: rexec start in 4 out 4 newsock 4 pipe -1 sock 7
    > debug1: inetd sockets after dupping: 3, 3
    > Connection from 172.16.146.210 port 32847
    > debug1: Client protocol version 2.0; client software version
    > OpenSSH_4.5
    > debug1: match: OpenSSH_4.5 pat OpenSSH*
    > debug1: Enabling compatibility mode for protocol 2.0
    > debug1: Local version string SSH-2.0-OpenSSH_4.5
    > debug2: fd 3 setting O_NONBLOCK
    > debug1: list_hostkey_types: ssh-rsa,ssh-dss
    > debug1: SSH2_MSG_KEXINIT sent
    > debug1: SSH2_MSG_KEXINIT received
    > debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    > hellman-g
    > roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    > sha1
    > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: none,zlib@openssh.com
    > debug2: kex_parse_kexinit: none,zlib@openssh.com
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit: first_kex_follows 0
    > debug2: kex_parse_kexinit: reserved 0
    > debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-
    > hellman-g
    > roup-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
    > sha1
    > debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-
    > cbc,arcfour1
    > 28,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-
    > cbc@lysator.liu.se,aes128-c
    > tr,aes192-ctr,aes256-ctr
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-
    > ripemd160@open
    > ssh.com,hmac-sha1-96,hmac-md5-96
    > debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    > debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit:
    > debug2: kex_parse_kexinit: first_kex_follows 0
    > debug2: kex_parse_kexinit: reserved 0
    > debug2: mac_init: found hmac-md5
    > debug1: kex: client->server aes128-cbc hmac-md5 none
    > debug2: mac_init: found hmac-md5
    > debug1: kex: server->client aes128-cbc hmac-md5 none
    > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received
    > debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent
    > debug2: dh_gen_key: priv key bits set: 130/256
    > debug2: bits set: 509/1024
    > debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT
    > debug2: bits set: 497/1024
    > debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent
    > debug2: kex_derive_keys
    > debug2: set_newkeys: mode 1
    > debug1: SSH2_MSG_NEWKEYS sent
    > debug1: expecting SSH2_MSG_NEWKEYS
    > debug2: set_newkeys: mode 0
    > debug1: SSH2_MSG_NEWKEYS received
    > debug1: KEX done
    > debug1: userauth-request for user ji service ssh-connection method
    > none
    > debug1: attempt 0 failures 0
    > debug3: Trying to reverse map address 172.16.146.210.
    > debug2: parse_server_config: config reprocess config len 281
    > debug3: AIX/loginrestrictions returned 0 msg (none)
    > debug2: input_userauth_request: setting up authctxt for ji
    > debug1: PAM: initializing for "ji"
    > debug1: PAM: setting PAM_RHOST to "csm100.pam.com"
    > debug2: input_userauth_request: try method none
    > Failed none for ji from 172.16.146.210 port 32847 ssh2
    > debug1: userauth-request for user ji service ssh-connection method
    > publickey
    > debug1: attempt 1 failures 1
    > debug2: input_userauth_request: try method publickey
    > debug1: test whether pkalg/pkblob are acceptable
    > debug1: temporarily_use_uid: 204/0 (e=0/0)
    > debug1: trying public key file /home/ji/.ssh/authorized_keys
    > debug1: restore_uid: 0/0
    > debug1: temporarily_use_uid: 204/0 (e=0/0)
    > debug1: trying public key file /home/ji/.ssh/authorized_keys2
    > debug1: restore_uid: 0/0
    > debug2: userauth_pubkey: authenticated 0 pkalg ssh-rsa
    > Failed publickey for ji from 172.16.146.210 port 32847 ssh2
    > debug1: userauth-request for user ji service ssh-connection method
    > keyboard-inte
    > ractive
    > debug1: attempt 2 failures 2
    > debug2: input_userauth_request: try method keyboard-interactive
    > debug1: keyboard-interactive devs
    > debug1: auth2_challenge: user=ji devs=
    > debug1: kbdint_alloc: devices 'pam'
    > debug2: auth2_challenge_start: devices pam
    > debug2: kbdint_next_device: devices
    > debug1: auth2_challenge_start: trying authentication method 'pam'
    > debug3: PAM: sshpam_init_ctx entering
    > debug3: PAM: sshpam_query entering
    > debug3: ssh_msg_recv entering
    > debug3: PAM: sshpam_thread_conv entering, 1 messages
    > debug3: ssh_msg_send: type 1
    > debug3: ssh_msg_recv entering
    > Postponed keyboard-interactive for ji from 172.16.146.210 port 32847
    > ssh2
    > debug2: PAM: sshpam_respond entering, 1 responses
    > debug3: ssh_msg_send: type 6
    > debug3: PAM: sshpam_query entering
    > debug3: ssh_msg_recv entering
    > debug1: do_pam_account: called
    > debug3: PAM: do_pam_account pam_acct_mgmt = 17 (User account has
    > expired)
    > debug3: ssh_msg_send: type 17
    > debug3: PAM: User account has expired
    > PAM: User account has expired for ji from csm100.pam.com
    > debug2: auth2_challenge_start: devices
    > debug3: PAM: sshpam_free_ctx entering
    > debug3: PAM: sshpam_thread_cleanup entering
    > Failed keyboard-interactive/pam for ji from 172.16.146.210 port 32847
    > ssh2
    > debug3: AIX/setauthdb set registry 'files'
    > debug3: aix_restoreauthdb: restoring old registry ''
    > debug1: userauth-request for user ji service ssh-connection method
    > keyboard-inte
    > ractive
    > debug1: attempt 3 failures 3
    > debug2: input_userauth_request: try method keyboard-interactive
    > debug1: keyboard-interactive devs
    > debug1: auth2_challenge: user=ji devs=
    > debug1: kbdint_alloc: devices 'pam'
    > debug2: auth2_challenge_start: devices pam
    > debug2: kbdint_next_device: devices
    > debug1: auth2_challenge_start: trying authentication method 'pam'
    > debug3: PAM: sshpam_init_ctx entering
    > Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    > debug3: AIX/setauthdb set registry 'files'
    > debug3: aix_restoreauthdb: restoring old registry ''
    > debug1: userauth-request for user ji service ssh-connection method
    > keyboard-inte
    > ractive
    > debug1: attempt 4 failures 4
    > debug2: input_userauth_request: try method keyboard-interactive
    > debug1: keyboard-interactive devs
    > debug1: auth2_challenge: user=ji devs=
    > debug1: kbdint_alloc: devices 'pam'
    > debug2: auth2_challenge_start: devices pam
    > debug2: kbdint_next_device: devices
    > debug1: auth2_challenge_start: trying authentication method 'pam'
    > debug3: PAM: sshpam_init_ctx entering
    > Failed keyboard-interactive for ji from 172.16.146.210 port 32847 ssh2
    > debug3: AIX/setauthdb set registry 'files'
    > debug3: aix_restoreauthdb: restoring old registry ''
    > Connection closed by 172.16.146.210
    > debug1: do_cleanup
    > bash-3.00#
    >
    >




  8. Re: Permission denied (publickey,keyboard-interactive).

    Hi,

    I want to login with a public key.
    I have a PAM Agent software installed so I have to set
    PaaswordAuthentication to "yes"
    Authentication should be directed to the PAM Agent software.

    I want to use SSH,SFTP and SCP authentication with my configuration.

    I need some guidance to configure PAM with Openssh (from source not as
    RPM Packages).
    I have configured gcc, then zlib 1.2.3,open ssl 0.98e and then open
    ssh 4.5p1 with my setup.
    please provide me the steps in detail how to configure openssh from
    source (how to configure with what option inorder to work with PAM) in
    a much detail way.

    Thanks,
    Kumar


  9. Re: Permission denied (publickey,keyboard-interactive).

    Hi,

    I want to login with a public key.
    I have a PAM Agent software installed so I have to set
    PaaswordAuthentication to "yes"
    Authentication should be directed to the PAM Agent software.

    I want to use SSH,SFTP and SCP authentication with my configuration.

    I need some guidance to configure PAM with Openssh (from source not as
    RPM Packages).
    I have configured gcc, then zlib 1.2.3,open ssl 0.98e and then open
    ssh 4.5p1 with my setup.
    please provide me the steps in detail how to configure openssh from
    source (how to configure with what option inorder to work with PAM) in
    a much detail way.

    Thanks,
    Kumar


  10. Re: Permission denied (publickey,keyboard-interactive).

    Hi,

    maybe you should try

    comp.security.ssh

    there should be better help with ssh and PAM.

    regards

    volker


    schrieb im Newsbeitrag
    news:1178909846.669482.132760@h2g2000hsg.googlegroups.com...
    > Hi,
    >
    > I want to login with a public key.
    > I have a PAM Agent software installed so I have to set
    > PaaswordAuthentication to "yes"
    > Authentication should be directed to the PAM Agent software.
    >
    > I want to use SSH,SFTP and SCP authentication with my configuration.
    >
    > I need some guidance to configure PAM with Openssh (from source not as
    > RPM Packages).
    > I have configured gcc, then zlib 1.2.3,open ssl 0.98e and then open
    > ssh 4.5p1 with my setup.
    > please provide me the steps in detail how to configure openssh from
    > source (how to configure with what option inorder to work with PAM) in
    > a much detail way.
    >
    > Thanks,
    > Kumar
    >




+ Reply to Thread
Page 1 of 2 1 2 LastLast