Nov 27th, 2017
  1.  
  2. ## ssh into server "mimi" fails with both key and password login (the server offers only publickey, so the client never gets to try a password)
  3.  
  4. -sh-3.2$ ssh mimi
  5. Permission denied (publickey).
  6.  
  7.  
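  8. ## here is the verbose ssh output of the login attempt (note "Applying options for mimi": a Host block in ~/.ssh/config applies here, and the server answers the offered id_rsa key with "Authentications that can continue: publickey", i.e. it rejects the key)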
  9.  
  10.  
  11. OpenSSH_5.5p1, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
  12. debug1: Reading configuration data /var/lib/amanda/.ssh/config
  13. debug1: Applying options for mimi
  14. debug1: Reading configuration data /etc/ssh/ssh_config
  15. debug1: Applying options for *
  16. debug2: ssh_connect: needpriv 0
  17. debug1: Connecting to 64.106.217.201 [64.106.217.201] port 22.
  18. debug1: Connection established.
  19. debug3: Not a RSA1 key file /var/lib/amanda/.ssh/id_rsa.
  20. debug2: key_type_from_name: unknown key type '-----BEGIN'
  21. debug3: key_read: missing keytype
  22. debug3: key_read: missing whitespace
  23. debug3: key_read: missing whitespace
  24. debug3: key_read: missing whitespace
  25. debug3: key_read: missing whitespace
  26. debug3: key_read: missing whitespace
  27. debug3: key_read: missing whitespace
  28. debug3: key_read: missing whitespace
  29. debug3: key_read: missing whitespace
  30. debug3: key_read: missing whitespace
  31. debug3: key_read: missing whitespace
  32. debug3: key_read: missing whitespace
  33. debug3: key_read: missing whitespace
  34. debug3: key_read: missing whitespace
  35. debug3: key_read: missing whitespace
  36. debug3: key_read: missing whitespace
  37. debug3: key_read: missing whitespace
  38. debug3: key_read: missing whitespace
  39. debug3: key_read: missing whitespace
  40. debug3: key_read: missing whitespace
  41. debug3: key_read: missing whitespace
  42. debug3: key_read: missing whitespace
  43. debug3: key_read: missing whitespace
  44. debug3: key_read: missing whitespace
  45. debug3: key_read: missing whitespace
  46. debug3: key_read: missing whitespace
  47. debug2: key_type_from_name: unknown key type '-----END'
  48. debug3: key_read: missing keytype
  49. debug1: identity file /var/lib/amanda/.ssh/id_rsa type 1
  50. debug1: identity file /var/lib/amanda/.ssh/id_rsa-cert type -1
  51. debug1: identity file /var/lib/amanda/.ssh/id_dsa type -1
  52. debug1: identity file /var/lib/amanda/.ssh/id_dsa-cert type -1
  53. debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
  54. debug1: match: OpenSSH_5.8 pat OpenSSH*
  55. debug1: Enabling compatibility mode for protocol 2.0
  56. debug1: Local version string SSH-2.0-OpenSSH_5.5
  57. debug2: fd 3 setting O_NONBLOCK
  58. debug1: SSH2_MSG_KEXINIT sent
  59. debug1: SSH2_MSG_KEXINIT received
  60. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  61. debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
  62. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  63. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  64. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  65. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  66. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  67. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  68. debug2: kex_parse_kexinit:
  69. debug2: kex_parse_kexinit:
  70. debug2: kex_parse_kexinit: first_kex_follows 0
  71. debug2: kex_parse_kexinit: reserved 0
  72. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  73. debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
  74. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  75. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  76. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  77. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  78. debug2: kex_parse_kexinit: none,zlib@openssh.com
  79. debug2: kex_parse_kexinit: none,zlib@openssh.com
  80. debug2: kex_parse_kexinit:
  81. debug2: kex_parse_kexinit:
  82. debug2: kex_parse_kexinit: first_kex_follows 0
  83. debug2: kex_parse_kexinit: reserved 0
  84. debug2: mac_setup: found hmac-md5
  85. debug1: kex: server->client aes128-ctr hmac-md5 none
  86. debug2: mac_setup: found hmac-md5
  87. debug1: kex: client->server aes128-ctr hmac-md5 none
  88. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  89. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  90. debug2: dh_gen_key: priv key bits set: 124/256
  91. debug2: bits set: 475/1024
  92. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  93. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  94. debug3: check_host_in_hostfile: host 64.106.217.201 filename /var/lib/amanda/.ssh/known_hosts
  95. debug3: check_host_in_hostfile: host 64.106.217.201 filename /var/lib/amanda/.ssh/known_hosts
  96. debug3: check_host_in_hostfile: match line 50
  97. debug1: Host '64.106.217.201' is known and matches the RSA host key.
  98. debug1: Found key in /var/lib/amanda/.ssh/known_hosts:50
  99. debug2: bits set: 520/1024
  100. debug1: ssh_rsa_verify: signature correct
  101. debug2: kex_derive_keys
  102. debug2: set_newkeys: mode 1
  103. debug1: SSH2_MSG_NEWKEYS sent
  104. debug1: expecting SSH2_MSG_NEWKEYS
  105. debug2: set_newkeys: mode 0
  106. debug1: SSH2_MSG_NEWKEYS received
  107. debug1: Roaming not allowed by server
  108. debug1: SSH2_MSG_SERVICE_REQUEST sent
  109. debug2: service_accept: ssh-userauth
  110. debug1: SSH2_MSG_SERVICE_ACCEPT received
  111. debug2: key: /var/lib/amanda/.ssh/id_rsa (0x5555557cf830)
  112. debug2: key: /var/lib/amanda/.ssh/id_dsa ((nil))
  113. debug1: Authentications that can continue: publickey
  114. debug3: start over, passed a different list publickey
  115. debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
  116. debug3: authmethod_lookup publickey
  117. debug3: remaining preferred: keyboard-interactive,password
  118. debug3: authmethod_is_enabled publickey
  119. debug1: Next authentication method: publickey
  120. debug1: Offering public key: /var/lib/amanda/.ssh/id_rsa
  121. debug3: send_pubkey_test
  122. debug2: we sent a publickey packet, wait for reply
  123. debug1: Authentications that can continue: publickey
  124. debug1: Trying private key: /var/lib/amanda/.ssh/id_dsa
  125. debug3: no such identity: /var/lib/amanda/.ssh/id_dsa
  126. debug2: we did not send a packet, disable method
  127. debug1: No more authentication methods to try.
  128. Permission denied (publickey).
  129.  
  130. ## ssh into server "woofy" works with the same key as above
  131.  
  132. -sh-3.2$ ssh woofy
  133. Last login: Fri May 27 11:08:29 2011 from ec2-50-19-73-101.compute-1.amazonaws.com
  134. [amandabackup@woofy:~] $
  135.  
  136.  
  137. ## here is the verbose ssh output of that login
  138.  
  139. OpenSSH_5.5p1, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
  140. debug1: Reading configuration data /var/lib/amanda/.ssh/config
  141. debug1: Reading configuration data /etc/ssh/ssh_config
  142. debug1: Applying options for *
  143. debug2: ssh_connect: needpriv 0
  144. debug1: Connecting to woofy [64.106.217.202] port 22.
  145. debug1: Connection established.
  146. debug3: Not a RSA1 key file /var/lib/amanda/.ssh/id_rsa.
  147. debug2: key_type_from_name: unknown key type '-----BEGIN'
  148. debug3: key_read: missing keytype
  149. debug3: key_read: missing whitespace
  150. debug3: key_read: missing whitespace
  151. debug3: key_read: missing whitespace
  152. debug3: key_read: missing whitespace
  153. debug3: key_read: missing whitespace
  154. debug3: key_read: missing whitespace
  155. debug3: key_read: missing whitespace
  156. debug3: key_read: missing whitespace
  157. debug3: key_read: missing whitespace
  158. debug3: key_read: missing whitespace
  159. debug3: key_read: missing whitespace
  160. debug3: key_read: missing whitespace
  161. debug3: key_read: missing whitespace
  162. debug3: key_read: missing whitespace
  163. debug3: key_read: missing whitespace
  164. debug3: key_read: missing whitespace
  165. debug3: key_read: missing whitespace
  166. debug3: key_read: missing whitespace
  167. debug3: key_read: missing whitespace
  168. debug3: key_read: missing whitespace
  169. debug3: key_read: missing whitespace
  170. debug3: key_read: missing whitespace
  171. debug3: key_read: missing whitespace
  172. debug3: key_read: missing whitespace
  173. debug3: key_read: missing whitespace
  174. debug2: key_type_from_name: unknown key type '-----END'
  175. debug3: key_read: missing keytype
  176. debug1: identity file /var/lib/amanda/.ssh/id_rsa type 1
  177. debug1: identity file /var/lib/amanda/.ssh/id_rsa-cert type -1
  178. debug1: identity file /var/lib/amanda/.ssh/id_dsa type -1
  179. debug1: identity file /var/lib/amanda/.ssh/id_dsa-cert type -1
  180. debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
  181. debug1: match: OpenSSH_5.8 pat OpenSSH*
  182. debug1: Enabling compatibility mode for protocol 2.0
  183. debug1: Local version string SSH-2.0-OpenSSH_5.5
  184. debug2: fd 3 setting O_NONBLOCK
  185. debug1: SSH2_MSG_KEXINIT sent
  186. debug1: SSH2_MSG_KEXINIT received
  187. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  188. debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
  189. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  190. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  191. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  192. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  193. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  194. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  195. debug2: kex_parse_kexinit:
  196. debug2: kex_parse_kexinit:
  197. debug2: kex_parse_kexinit: first_kex_follows 0
  198. debug2: kex_parse_kexinit: reserved 0
  199. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  200. debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
  201. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  202. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  203. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  204. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  205. debug2: kex_parse_kexinit: none,zlib@openssh.com
  206. debug2: kex_parse_kexinit: none,zlib@openssh.com
  207. debug2: kex_parse_kexinit:
  208. debug2: kex_parse_kexinit:
  209. debug2: kex_parse_kexinit: first_kex_follows 0
  210. debug2: kex_parse_kexinit: reserved 0
  211. debug2: mac_setup: found hmac-md5
  212. debug1: kex: server->client aes128-ctr hmac-md5 none
  213. debug2: mac_setup: found hmac-md5
  214. debug1: kex: client->server aes128-ctr hmac-md5 none
  215. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  216. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  217. debug2: dh_gen_key: priv key bits set: 113/256
  218. debug2: bits set: 521/1024
  219. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  220. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  221. debug3: check_host_in_hostfile: host woofy filename /var/lib/amanda/.ssh/known_hosts
  222. debug3: check_host_in_hostfile: host woofy filename /var/lib/amanda/.ssh/known_hosts
  223. debug3: check_host_in_hostfile: match line 25
  224. debug3: check_host_in_hostfile: host 64.106.217.202 filename /var/lib/amanda/.ssh/known_hosts
  225. debug3: check_host_in_hostfile: host 64.106.217.202 filename /var/lib/amanda/.ssh/known_hosts
  226. debug3: check_host_in_hostfile: match line 25
  227. debug1: Host 'woofy' is known and matches the RSA host key.
  228. debug1: Found key in /var/lib/amanda/.ssh/known_hosts:25
  229. debug2: bits set: 498/1024
  230. debug1: ssh_rsa_verify: signature correct
  231. debug2: kex_derive_keys
  232. debug2: set_newkeys: mode 1
  233. debug1: SSH2_MSG_NEWKEYS sent
  234. debug1: expecting SSH2_MSG_NEWKEYS
  235. debug2: set_newkeys: mode 0
  236. debug1: SSH2_MSG_NEWKEYS received
  237. debug1: Roaming not allowed by server
  238. debug1: SSH2_MSG_SERVICE_REQUEST sent
  239. debug2: service_accept: ssh-userauth
  240. debug1: SSH2_MSG_SERVICE_ACCEPT received
  241. debug2: key: /var/lib/amanda/.ssh/id_rsa (0x5555557cf8a0)
  242. debug2: key: /var/lib/amanda/.ssh/id_dsa ((nil))
  243. debug1: Authentications that can continue: publickey
  244. debug3: start over, passed a different list publickey
  245. debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
  246. debug3: authmethod_lookup publickey
  247. debug3: remaining preferred: keyboard-interactive,password
  248. debug3: authmethod_is_enabled publickey
  249. debug1: Next authentication method: publickey
  250. debug1: Offering public key: /var/lib/amanda/.ssh/id_rsa
  251. debug3: send_pubkey_test
  252. debug2: we sent a publickey packet, wait for reply
  253. debug1: Server accepts key: pkalg ssh-rsa blen 279
  254. debug2: input_userauth_pk_ok: fp 65:e2:7e:26:8d:cc:a2:15:7d:8c:76:2f:61:56:55:6f
  255. debug3: sign_and_send_pubkey
  256. debug1: read PEM private key done: type RSA
  257. debug1: Authentication succeeded (publickey).
  258. debug2: fd 6 setting O_NONBLOCK
  259. debug1: channel 0: new [client-session]
  260. debug3: ssh_session2_open: channel_new: 0
  261. debug2: channel 0: send open
  262. debug1: Requesting no-more-sessions@openssh.com
  263. debug1: Entering interactive session.
  264. debug2: callback start
  265. debug2: client_session2_setup: id 0
  266. debug2: channel 0: request pty-req confirm 1
  267. debug1: Sending environment.
  268. debug3: Ignored env HOSTNAME
  269. debug3: Ignored env SHELL
  270. debug3: Ignored env TERM
  271. debug3: Ignored env HISTSIZE
  272. debug3: Ignored env USER
  273. debug3: Ignored env LS_COLORS
  274. debug3: Ignored env EC2_HOME
  275. debug3: Ignored env MAIL
  276. debug3: Ignored env PATH
  277. debug3: Ignored env INPUTRC
  278. debug3: Ignored env PWD
  279. debug3: Ignored env JAVA_HOME
  280. debug3: Ignored env SSH_ASKPASS
  281. debug3: Ignored env SHLVL
  282. debug3: Ignored env HOME
  283. debug3: Ignored env LOGNAME
  284. debug3: Ignored env CVS_RSH
  285. debug3: Ignored env PKG_CONFIG_PATH
  286. debug3: Ignored env LESSOPEN
  287. debug3: Ignored env G_BROKEN_FILENAMES
  288. debug3: Ignored env _
  289. debug2: channel 0: request shell confirm 1
  290. debug2: fd 3 setting TCP_NODELAY
  291. debug2: callback done
  292. debug2: channel 0: open confirm rwindow 0 rmax 32768
  293. debug2: channel_input_status_confirm: type 99 id 0
  294. debug2: PTY allocation request accepted on channel 0
  295. debug2: channel 0: rcvd adjust 2097152
  296. debug2: channel_input_status_confirm: type 99 id 0
  297. debug2: shell request accepted on channel 0
  298. debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
  299. debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
  300. debug2: channel 0: rcvd eow
  301. debug2: channel 0: close_read
  302. debug2: channel 0: input open -> closed
  303. debug2: channel 0: rcvd eof
  304. debug2: channel 0: output open -> drain
  305. debug2: channel 0: rcvd close
  306. debug3: channel 0: will not send data after close
  307. debug1: channel 0: forcing write
  308. debug3: channel 0: will not send data after close
  309. debug2: channel 0: obuf empty
  310. debug2: channel 0: close_write
  311. debug2: channel 0: output drain -> closed
  312. debug2: channel 0: almost dead
  313. debug2: channel 0: gc: notify user
  314. debug2: channel 0: gc: user detached
  315. debug2: channel 0: send close
  316. debug2: channel 0: is dead
  317. debug2: channel 0: garbage collecting
  318. debug1: channel 0: free: client-session, nchannels 1
  319. debug3: channel 0: status: The following connections are open:
  320. #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
  321.  
  322. debug3: channel 0: close_fds r -1 w -1 e 6
  323. debug1: fd 2 clearing O_NONBLOCK
  324. Connection to woofy closed.
  325. Transferred: sent 3112, received 2904 bytes, in 2.9 seconds
  326. Bytes per second: sent 1070.6, received 999.1
  327. debug1: Exit status 0
  328.  
  329.  
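  330. ## this is the sshd_config file from server "mimi" (the server where the ssh login above fails). Note: PasswordAuthentication and ChallengeResponseAuthentication are both "no", so only publickey is offered; UsePrivilegeSeparation is also "no", which disables sshd's privilege separation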
  331.  
  332. # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
  333.  
  334. # This is the sshd server system-wide configuration file. See
  335. # sshd_config(5) for more information.
  336.  
  337. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  338.  
  339. # The strategy used for options in the default sshd_config shipped with
  340. # OpenSSH is to specify options with their default value where
  341. # possible, but leave them commented. Uncommented options change a
  342. # default value.
  343.  
  344. #Port 22
  345. #Protocol 2,1
  346. Protocol 2
  347. #AddressFamily any
  348. #ListenAddress 0.0.0.0
  349. #ListenAddress ::
  350.  
  351. # HostKey for protocol version 1
  352. #HostKey /etc/ssh/ssh_host_key
  353. # HostKeys for protocol version 2
  354. #HostKey /etc/ssh/ssh_host_rsa_key
  355. #HostKey /etc/ssh/ssh_host_dsa_key
  356.  
  357. # Lifetime and size of ephemeral version 1 server key
  358. #KeyRegenerationInterval 1h
  359. #ServerKeyBits 768
  360.  
  361. # Logging
  362. # obsoletes QuietMode and FascistLogging
  363. #SyslogFacility AUTH
  364. SyslogFacility AUTHPRIV
  365. #LogLevel INFO
  366.  
  367. # Authentication:
  368.  
  369. #LoginGraceTime 2m
  370. PermitRootLogin no
  371. #StrictModes yes
  372. #MaxAuthTries 6
  373.  
  374. #RSAAuthentication yes
  375. #PubkeyAuthentication yes
  376. #AuthorizedKeysFile .ssh/authorized_keys
  377.  
  378. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  379. #RhostsRSAAuthentication no
  380. # similar for protocol version 2
  381. #HostbasedAuthentication no
  382. # Change to yes if you don't trust ~/.ssh/known_hosts for
  383. # RhostsRSAAuthentication and HostbasedAuthentication
  384. #IgnoreUserKnownHosts no
  385. # Don't read the user's ~/.rhosts and ~/.shosts files
  386. #IgnoreRhosts yes
  387.  
  388. # To disable tunneled clear text passwords, change to no here!
  389. #PasswordAuthentication yes
  390. #PermitEmptyPasswords no
  391. PasswordAuthentication no
  392.  
  393. # Change to no to disable s/key passwords
  394. #ChallengeResponseAuthentication yes
  395. ChallengeResponseAuthentication no
  396.  
  397. # Kerberos options
  398. #KerberosAuthentication no
  399. #KerberosOrLocalPasswd yes
  400. #KerberosTicketCleanup yes
  401. #KerberosGetAFSToken no
  402.  
  403. # GSSAPI options
  404. #GSSAPIAuthentication no
  405. GSSAPIAuthentication no
  406. #GSSAPICleanupCredentials yes
  407. GSSAPICleanupCredentials no
  408.  
  409. # Set this to 'yes' to enable PAM authentication, account processing,
  410. # and session processing. If this is enabled, PAM authentication will
  411. # be allowed through the ChallengeResponseAuthentication mechanism.
  412. # Depending on your PAM configuration, this may bypass the setting of
  413. # PasswordAuthentication, PermitEmptyPasswords, and
  414. # "PermitRootLogin without-password". If you just want the PAM account and
  415. # session checks to run without PAM authentication, then enable this but set
  416. # ChallengeResponseAuthentication=no
  417. #UsePAM no
  418. UsePAM yes
  419.  
  420. # Accept locale-related environment variables
  421. AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
  422. AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
  423. AcceptEnv LC_IDENTIFICATION LC_ALL
  424. #AllowTcpForwarding yes
  425. #GatewayPorts no
  426. #X11Forwarding no
  427. X11Forwarding no
  428. #X11DisplayOffset 10
  429. #X11UseLocalhost yes
  430. #PrintMotd yes
  431. #PrintLastLog yes
  432. #TCPKeepAlive yes
  433. #UseLogin no
  434. UsePrivilegeSeparation no
  435. #PermitUserEnvironment no
  436. #Compression delayed
  437. #ClientAliveInterval 0
  438. #ClientAliveCountMax 3
  439. #ShowPatchLevel no
  440. #UseDNS yes
  441. #PidFile /var/run/sshd.pid
  442. #MaxStartups 10
  443. #PermitTunnel no
  444.  
  445. # no default banner path
  446. #Banner /some/path
  447.  
  448. # override default of no subsystems
  449. Subsystem sftp /usr/libexec/openssh/sftp-server