[NCLUG] ssh2 - hostbased authentications

Quent quent at pobox.com
Thu Nov 30 10:45:16 MST 2000 

You could generate a key for "root" with no passphrase and use an
"authorized_keys" file on the remote host in the /.ssh directory.
It's a bit risky though.

	Quent

On Tue, Nov 28, 2000 at 01:25:09AM +0000, dobbster wrote:
> Hi,
> 
> I've been grappling in the dark with this for days now...  I am very
> puzzled and would be grateful for any suggestions.
> 
> I am trying to figure out how to rsync directories over ssh.  The
> problem I seem to have is using the "hostbased" authentication with
> sshd2.  I figure this is the only way that I can cron my rsync's,
> because otherwise I would have to use a password.  (Is there a better
> way...?)
> 
> Following the man pages, I created the hostkey.pub file on my "local"
> system, and copied this file to
> /etc/ssh2/knownhosts/192.168.0.1.ssh-dss.pub on the "remote" system. 
> (Obviously this is not the real IP address!)
> 
> Next, I created a /root/.shosts on the remote system with one line,
> "192.168.0.1 root".
> 
> In /etc/ssh2/sshd2_config, I have 'AllowedAuthentications hostbased'.
> 
> One more thing:  The "local" system's IP address is not associated with
> a FQDN.  This is why I used the IP address in the .pub file.  On the
> other hand, I've also tried this with the local system's hostname
> 'system1' and entered '192.168.0.1 system1' into /etc/hosts on the
> "remote" system, and copied the "local" hostkey.pub to the "remote"
> /etc/ssh2/knownhosts/system1.ssh-dss.pub.  Still no luck.
> 
> Running  /usr/local/sbin/sshd2 -v gives me this eventual result:
> 
> debug: Sshd2/sshd2.c:349/auth_policy_proc: user 'root' service
> 'ssh-connection' client_ip '192.168.0.1' client_port '2721' completed ''
> debug: Sshd2/sshd2.c:476/auth_policy_proc: output: hostbased
> debug: Ssh2Common/sshcommon.c:132/ssh_common_disconnect: DISCONNECT
> received: No further authentication methods available.
> sshd2[989]: Remote host disconnected: No further authentication methods
> available.
> debug: Sshd2/sshd2.c:95/server_disconnect: locally_generated = FALSE
> sshd2[989]: no more authentication methods on remote: 'No further
> authentication methods available.'
> debug: Exiting event loop
> 
> Any ideas?  Am I completely clueless?
> 
> Thanks,
> 
> Mark (dobbster at frii.com)
> _______________________________________________
> NCLUG mailing list
> NCLUG at nclug.org
> http://www.nclug.org/mailman/listinfo/nclug
> 
>

More information about the NCLUG mailing list