+ Reply to Thread
Results 1 to 6 of 6

sshd on Solaris 10

  1. sshd on Solaris 10

    Hello,

    I'm facing nasty behavior of sshd on solaris 10, something what was not
    on 8.

    I'm login using public-key but in messages log appears entries about
    failed login:

    Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    none for support from 10.0.0.1 port 45406 ssh2
    Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    none for support from 10.0.0.1 port 45406 ssh2
    Oct 18 10:37:40 host001 sshd[14024]: [ID 800047 auth.info] Accepted
    publickey for support from 10.0.0.1 port 45406 ssh2


    Is there any option to force sshd to use keys first?

    Or any option to not have such mess in log.



    --
    regards

    Przem

  2. Re: sshd on Solaris 10

    On Oct 18, 5:50 am, Przem wrote:
    > Hello,
    >
    > I'm facing nasty behavior of sshd on solaris 10, something what was not
    > on 8.
    >
    > I'm login using public-key but in messages log appears entries about
    > failed login:
    >
    > Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    > none for support from 10.0.0.1 port 45406 ssh2
    > Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    > none for support from 10.0.0.1 port 45406 ssh2
    > Oct 18 10:37:40 host001 sshd[14024]: [ID 800047 auth.info] Accepted
    > publickey for support from 10.0.0.1 port 45406 ssh2
    >
    > Is there any option to force sshd to use keys first?
    >
    > Or any option to not have such mess in log.
    >
    > --
    > regards
    >
    > Przem


    What do you have LogLevel set to in sshd_config? Cutting that back
    to ERROR should get rid of the messages.

    Regards.
    Jim Lane


  3. Re: sshd on Solaris 10

    Jim.Lane@cibc.com wrote:
    > On Oct 18, 5:50 am, Przem wrote:
    >> Hello,
    >>
    >> I'm facing nasty behavior of sshd on solaris 10, something what was not
    >> on 8.
    >>
    >> I'm login using public-key but in messages log appears entries about
    >> failed login:
    >>
    >> Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    >> none for support from 10.0.0.1 port 45406 ssh2
    >> Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    >> none for support from 10.0.0.1 port 45406 ssh2
    >> Oct 18 10:37:40 host001 sshd[14024]: [ID 800047 auth.info] Accepted
    >> publickey for support from 10.0.0.1 port 45406 ssh2
    >>
    >> Is there any option to force sshd to use keys first?
    >>
    >> Or any option to not have such mess in log.
    >>
    >> --
    >> regards
    >>
    >> Przem

    >
    > What do you have LogLevel set to in sshd_config? Cutting that back
    > to ERROR should get rid of the messages.


    SyslogFacility auth
    LogLevel info

    Same as in all of my Solaris 8 boxes. But there is no such problem. Only
    here on Sol 10.

    Any thoughts?

    --
    regards

    Przem

  4. Re: sshd on Solaris 10

    On 18 Okt., 14:36, Przem wrote:
    > Jim.L...@cibc.com wrote:
    > > On Oct 18, 5:50 am, Przem wrote:
    > >> Hello,

    >
    > >> I'm facing nasty behavior of sshd on solaris 10, something what was not
    > >> on 8.

    >
    > >> I'm login using public-key but in messages log appears entries about
    > >> failed login:

    >
    > >> Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    > >> none for support from 10.0.0.1 port 45406 ssh2
    > >> Oct 18 10:37:39 host001 sshd[14024]: [ID 800047 auth.notice] Failed
    > >> none for support from 10.0.0.1 port 45406 ssh2
    > >> Oct 18 10:37:40 host001 sshd[14024]: [ID 800047 auth.info] Accepted
    > >> publickey for support from 10.0.0.1 port 45406 ssh2

    >
    > >> Is there any option to force sshd to use keys first?

    >
    > >> Or any option to not have such mess in log.

    >
    > >> --
    > >> regards

    >
    > >> Przem

    >
    > > What do you have LogLevel set to in sshd_config? Cutting that back
    > > to ERROR should get rid of the messages.

    >
    > SyslogFacility auth
    > LogLevel info
    >
    > Same as in all of my Solaris 8 boxes. But there is no such problem. Only
    > here on Sol 10.
    >
    > Any thoughts?
    >
    > --
    > regards
    >
    > Przem- Zitierten Text ausblenden -
    >
    > - Zitierten Text anzeigen -



    man sshd
    helps to understand how ssh and pam work together.
    Maybe this helps.


  5. Re: sshd on Solaris 10

    Przem writes:
    >Is there any option to force sshd to use keys first?


    In the commercial version I think you can order the stuff
    on this line:

    AllowedAuthentications publickey,password,keyboard-interactive


    I just looked at an openssh config file, and saw only

    PasswordAuthentication no
    UsePAM yes

    in /etc/ssh/sshd_config.

    ssh -v localhost produced:

    debug1: Authentications that can continue: publickey,keyboard-interactive


    The man page sez that PubkeyAuthentication defaults to "yes", and it
    looks like it gets tried first...

    -Mike

  6. Re: sshd on Solaris 10

    hubcap wrote:
    > Przem writes:
    >> Is there any option to force sshd to use keys first?

    >
    > In the commercial version I think you can order the stuff
    > on this line:
    >
    > AllowedAuthentications publickey,password,keyboard-interactive
    >
    >
    > I just looked at an openssh config file, and saw only
    >
    > PasswordAuthentication no
    > UsePAM yes
    >
    > in /etc/ssh/sshd_config.


    the option you are looking for is PreferredAuthentications


+ Reply to Thread