API tools faq
paste
Guest User

Untitled

a guest
Nov 27th, 2017
350
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 18.88 KB | None | 0 0
raw download clone embed print report
  1. ## ssh into server "mimi" fails with either key or password login
  2.  
  3. OpenSSH_5.5p1, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
  4. debug1: Reading configuration data /var/lib/amanda/.ssh/config
  5. debug1: Applying options for mimi
  6. debug1: Reading configuration data /etc/ssh/ssh_config
  7. debug1: Applying options for *
  8. debug2: ssh_connect: needpriv 0
  9. debug1: Connecting to 64.106.217.201 [64.106.217.201] port 22.
  10. debug1: Connection established.
  11. debug3: Not a RSA1 key file /var/lib/amanda/.ssh/id_rsa.
  12. debug2: key_type_from_name: unknown key type '-----BEGIN'
  13. debug3: key_read: missing keytype
  14. debug3: key_read: missing whitespace
  15. debug3: key_read: missing whitespace
  16. debug3: key_read: missing whitespace
  17. debug3: key_read: missing whitespace
  18. debug3: key_read: missing whitespace
  19. debug3: key_read: missing whitespace
  20. debug3: key_read: missing whitespace
  21. debug3: key_read: missing whitespace
  22. debug3: key_read: missing whitespace
  23. debug3: key_read: missing whitespace
  24. debug3: key_read: missing whitespace
  25. debug3: key_read: missing whitespace
  26. debug3: key_read: missing whitespace
  27. debug3: key_read: missing whitespace
  28. debug3: key_read: missing whitespace
  29. debug3: key_read: missing whitespace
  30. debug3: key_read: missing whitespace
  31. debug3: key_read: missing whitespace
  32. debug3: key_read: missing whitespace
  33. debug3: key_read: missing whitespace
  34. debug3: key_read: missing whitespace
  35. debug3: key_read: missing whitespace
  36. debug3: key_read: missing whitespace
  37. debug3: key_read: missing whitespace
  38. debug3: key_read: missing whitespace
  39. debug2: key_type_from_name: unknown key type '-----END'
  40. debug3: key_read: missing keytype
  41. debug1: identity file /var/lib/amanda/.ssh/id_rsa type 1
  42. debug1: identity file /var/lib/amanda/.ssh/id_rsa-cert type -1
  43. debug1: identity file /var/lib/amanda/.ssh/id_dsa type -1
  44. debug1: identity file /var/lib/amanda/.ssh/id_dsa-cert type -1
  45. debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
  46. debug1: match: OpenSSH_5.8 pat OpenSSH*
  47. debug1: Enabling compatibility mode for protocol 2.0
  48. debug1: Local version string SSH-2.0-OpenSSH_5.5
  49. debug2: fd 3 setting O_NONBLOCK
  50. debug1: SSH2_MSG_KEXINIT sent
  51. debug1: SSH2_MSG_KEXINIT received
  52. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  53. debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
  54. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  55. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  56. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  57. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  58. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  59. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  60. debug2: kex_parse_kexinit:
  61. debug2: kex_parse_kexinit:
  62. debug2: kex_parse_kexinit: first_kex_follows 0
  63. debug2: kex_parse_kexinit: reserved 0
  64. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  65. debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
  66. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  67. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  68. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  69. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  70. debug2: kex_parse_kexinit: none,zlib@openssh.com
  71. debug2: kex_parse_kexinit: none,zlib@openssh.com
  72. debug2: kex_parse_kexinit:
  73. debug2: kex_parse_kexinit:
  74. debug2: kex_parse_kexinit: first_kex_follows 0
  75. debug2: kex_parse_kexinit: reserved 0
  76. debug2: mac_setup: found hmac-md5
  77. debug1: kex: server->client aes128-ctr hmac-md5 none
  78. debug2: mac_setup: found hmac-md5
  79. debug1: kex: client->server aes128-ctr hmac-md5 none
  80. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  81. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  82. debug2: dh_gen_key: priv key bits set: 124/256
  83. debug2: bits set: 475/1024
  84. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  85. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  86. debug3: check_host_in_hostfile: host 64.106.217.201 filename /var/lib/amanda/.ssh/known_hosts
  87. debug3: check_host_in_hostfile: host 64.106.217.201 filename /var/lib/amanda/.ssh/known_hosts
  88. debug3: check_host_in_hostfile: match line 50
  89. debug1: Host '64.106.217.201' is known and matches the RSA host key.
  90. debug1: Found key in /var/lib/amanda/.ssh/known_hosts:50
  91. debug2: bits set: 520/1024
  92. debug1: ssh_rsa_verify: signature correct
  93. debug2: kex_derive_keys
  94. debug2: set_newkeys: mode 1
  95. debug1: SSH2_MSG_NEWKEYS sent
  96. debug1: expecting SSH2_MSG_NEWKEYS
  97. debug2: set_newkeys: mode 0
  98. debug1: SSH2_MSG_NEWKEYS received
  99. debug1: Roaming not allowed by server
  100. debug1: SSH2_MSG_SERVICE_REQUEST sent
  101. debug2: service_accept: ssh-userauth
  102. debug1: SSH2_MSG_SERVICE_ACCEPT received
  103. debug2: key: /var/lib/amanda/.ssh/id_rsa (0x5555557cf830)
  104. debug2: key: /var/lib/amanda/.ssh/id_dsa ((nil))
  105. debug1: Authentications that can continue: publickey
  106. debug3: start over, passed a different list publickey
  107. debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
  108. debug3: authmethod_lookup publickey
  109. debug3: remaining preferred: keyboard-interactive,password
  110. debug3: authmethod_is_enabled publickey
  111. debug1: Next authentication method: publickey
  112. debug1: Offering public key: /var/lib/amanda/.ssh/id_rsa
  113. debug3: send_pubkey_test
  114. debug2: we sent a publickey packet, wait for reply
  115. debug1: Authentications that can continue: publickey
  116. debug1: Trying private key: /var/lib/amanda/.ssh/id_dsa
  117. debug3: no such identity: /var/lib/amanda/.ssh/id_dsa
  118. debug2: we did not send a packet, disable method
  119. debug1: No more authentication methods to try.
  120. Permission denied (publickey).
  121.  
  122. ## ssh into server "woofy" works with same key as above
  123.  
  124. OpenSSH_5.5p1, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
  125. debug1: Reading configuration data /var/lib/amanda/.ssh/config
  126. debug1: Reading configuration data /etc/ssh/ssh_config
  127. debug1: Applying options for *
  128. debug2: ssh_connect: needpriv 0
  129. debug1: Connecting to woofy [64.106.217.202] port 22.
  130. debug1: Connection established.
  131. debug3: Not a RSA1 key file /var/lib/amanda/.ssh/id_rsa.
  132. debug2: key_type_from_name: unknown key type '-----BEGIN'
  133. debug3: key_read: missing keytype
  134. debug3: key_read: missing whitespace
  135. debug3: key_read: missing whitespace
  136. debug3: key_read: missing whitespace
  137. debug3: key_read: missing whitespace
  138. debug3: key_read: missing whitespace
  139. debug3: key_read: missing whitespace
  140. debug3: key_read: missing whitespace
  141. debug3: key_read: missing whitespace
  142. debug3: key_read: missing whitespace
  143. debug3: key_read: missing whitespace
  144. debug3: key_read: missing whitespace
  145. debug3: key_read: missing whitespace
  146. debug3: key_read: missing whitespace
  147. debug3: key_read: missing whitespace
  148. debug3: key_read: missing whitespace
  149. debug3: key_read: missing whitespace
  150. debug3: key_read: missing whitespace
  151. debug3: key_read: missing whitespace
  152. debug3: key_read: missing whitespace
  153. debug3: key_read: missing whitespace
  154. debug3: key_read: missing whitespace
  155. debug3: key_read: missing whitespace
  156. debug3: key_read: missing whitespace
  157. debug3: key_read: missing whitespace
  158. debug3: key_read: missing whitespace
  159. debug2: key_type_from_name: unknown key type '-----END'
  160. debug3: key_read: missing keytype
  161. debug1: identity file /var/lib/amanda/.ssh/id_rsa type 1
  162. debug1: identity file /var/lib/amanda/.ssh/id_rsa-cert type -1
  163. debug1: identity file /var/lib/amanda/.ssh/id_dsa type -1
  164. debug1: identity file /var/lib/amanda/.ssh/id_dsa-cert type -1
  165. debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8
  166. debug1: match: OpenSSH_5.8 pat OpenSSH*
  167. debug1: Enabling compatibility mode for protocol 2.0
  168. debug1: Local version string SSH-2.0-OpenSSH_5.5
  169. debug2: fd 3 setting O_NONBLOCK
  170. debug1: SSH2_MSG_KEXINIT sent
  171. debug1: SSH2_MSG_KEXINIT received
  172. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  173. debug2: kex_parse_kexinit: ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-rsa,ssh-dss
  174. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  175. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  176. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  177. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  178. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  179. debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
  180. debug2: kex_parse_kexinit:
  181. debug2: kex_parse_kexinit:
  182. debug2: kex_parse_kexinit: first_kex_follows 0
  183. debug2: kex_parse_kexinit: reserved 0
  184. debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
  185. debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
  186. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  187. debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
  188. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  189. debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
  190. debug2: kex_parse_kexinit: none,zlib@openssh.com
  191. debug2: kex_parse_kexinit: none,zlib@openssh.com
  192. debug2: kex_parse_kexinit:
  193. debug2: kex_parse_kexinit:
  194. debug2: kex_parse_kexinit: first_kex_follows 0
  195. debug2: kex_parse_kexinit: reserved 0
  196. debug2: mac_setup: found hmac-md5
  197. debug1: kex: server->client aes128-ctr hmac-md5 none
  198. debug2: mac_setup: found hmac-md5
  199. debug1: kex: client->server aes128-ctr hmac-md5 none
  200. debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
  201. debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
  202. debug2: dh_gen_key: priv key bits set: 113/256
  203. debug2: bits set: 521/1024
  204. debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
  205. debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
  206. debug3: check_host_in_hostfile: host woofy filename /var/lib/amanda/.ssh/known_hosts
  207. debug3: check_host_in_hostfile: host woofy filename /var/lib/amanda/.ssh/known_hosts
  208. debug3: check_host_in_hostfile: match line 25
  209. debug3: check_host_in_hostfile: host 64.106.217.202 filename /var/lib/amanda/.ssh/known_hosts
  210. debug3: check_host_in_hostfile: host 64.106.217.202 filename /var/lib/amanda/.ssh/known_hosts
  211. debug3: check_host_in_hostfile: match line 25
  212. debug1: Host 'woofy' is known and matches the RSA host key.
  213. debug1: Found key in /var/lib/amanda/.ssh/known_hosts:25
  214. debug2: bits set: 498/1024
  215. debug1: ssh_rsa_verify: signature correct
  216. debug2: kex_derive_keys
  217. debug2: set_newkeys: mode 1
  218. debug1: SSH2_MSG_NEWKEYS sent
  219. debug1: expecting SSH2_MSG_NEWKEYS
  220. debug2: set_newkeys: mode 0
  221. debug1: SSH2_MSG_NEWKEYS received
  222. debug1: Roaming not allowed by server
  223. debug1: SSH2_MSG_SERVICE_REQUEST sent
  224. debug2: service_accept: ssh-userauth
  225. debug1: SSH2_MSG_SERVICE_ACCEPT received
  226. debug2: key: /var/lib/amanda/.ssh/id_rsa (0x5555557cf8a0)
  227. debug2: key: /var/lib/amanda/.ssh/id_dsa ((nil))
  228. debug1: Authentications that can continue: publickey
  229. debug3: start over, passed a different list publickey
  230. debug3: preferred gssapi-with-mic,publickey,keyboard-interactive,password
  231. debug3: authmethod_lookup publickey
  232. debug3: remaining preferred: keyboard-interactive,password
  233. debug3: authmethod_is_enabled publickey
  234. debug1: Next authentication method: publickey
  235. debug1: Offering public key: /var/lib/amanda/.ssh/id_rsa
  236. debug3: send_pubkey_test
  237. debug2: we sent a publickey packet, wait for reply
  238. debug1: Server accepts key: pkalg ssh-rsa blen 279
  239. debug2: input_userauth_pk_ok: fp 65:e2:7e:26:8d:cc:a2:15:7d:8c:76:2f:61:56:55:6f
  240. debug3: sign_and_send_pubkey
  241. debug1: read PEM private key done: type RSA
  242. debug1: Authentication succeeded (publickey).
  243. debug2: fd 6 setting O_NONBLOCK
  244. debug1: channel 0: new [client-session]
  245. debug3: ssh_session2_open: channel_new: 0
  246. debug2: channel 0: send open
  247. debug1: Requesting no-more-sessions@openssh.com
  248. debug1: Entering interactive session.
  249. debug2: callback start
  250. debug2: client_session2_setup: id 0
  251. debug2: channel 0: request pty-req confirm 1
  252. debug1: Sending environment.
  253. debug3: Ignored env HOSTNAME
  254. debug3: Ignored env SHELL
  255. debug3: Ignored env TERM
  256. debug3: Ignored env HISTSIZE
  257. debug3: Ignored env USER
  258. debug3: Ignored env LS_COLORS
  259. debug3: Ignored env EC2_HOME
  260. debug3: Ignored env MAIL
  261. debug3: Ignored env PATH
  262. debug3: Ignored env INPUTRC
  263. debug3: Ignored env PWD
  264. debug3: Ignored env JAVA_HOME
  265. debug3: Ignored env SSH_ASKPASS
  266. debug3: Ignored env SHLVL
  267. debug3: Ignored env HOME
  268. debug3: Ignored env LOGNAME
  269. debug3: Ignored env CVS_RSH
  270. debug3: Ignored env PKG_CONFIG_PATH
  271. debug3: Ignored env LESSOPEN
  272. debug3: Ignored env G_BROKEN_FILENAMES
  273. debug3: Ignored env _
  274. debug2: channel 0: request shell confirm 1
  275. debug2: fd 3 setting TCP_NODELAY
  276. debug2: callback done
  277. debug2: channel 0: open confirm rwindow 0 rmax 32768
  278. debug2: channel_input_status_confirm: type 99 id 0
  279. debug2: PTY allocation request accepted on channel 0
  280. debug2: channel 0: rcvd adjust 2097152
  281. debug2: channel_input_status_confirm: type 99 id 0
  282. debug2: shell request accepted on channel 0
  283. debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
  284. debug1: client_input_channel_req: channel 0 rtype eow@openssh.com reply 0
  285. debug2: channel 0: rcvd eow
  286. debug2: channel 0: close_read
  287. debug2: channel 0: input open -> closed
  288. debug2: channel 0: rcvd eof
  289. debug2: channel 0: output open -> drain
  290. debug2: channel 0: rcvd close
  291. debug3: channel 0: will not send data after close
  292. debug1: channel 0: forcing write
  293. debug3: channel 0: will not send data after close
  294. debug2: channel 0: obuf empty
  295. debug2: channel 0: close_write
  296. debug2: channel 0: output drain -> closed
  297. debug2: channel 0: almost dead
  298. debug2: channel 0: gc: notify user
  299. debug2: channel 0: gc: user detached
  300. debug2: channel 0: send close
  301. debug2: channel 0: is dead
  302. debug2: channel 0: garbage collecting
  303. debug1: channel 0: free: client-session, nchannels 1
  304. debug3: channel 0: status: The following connections are open:
  305. #0 client-session (t4 r0 i3/0 o3/0 fd -1/-1 cc -1)
  306.  
  307. debug3: channel 0: close_fds r -1 w -1 e 6
  308. debug1: fd 2 clearing O_NONBLOCK
  309. Connection to woofy closed.
  310. Transferred: sent 3112, received 2904 bytes, in 2.9 seconds
  311. Bytes per second: sent 1070.6, received 999.1
  312. debug1: Exit status 0
  313.  
  314.  
  315. ## this is the sshd_config file from server "mimi" (ssh fail from above)
  316.  
  317. # $OpenBSD: sshd_config,v 1.73 2005/12/06 22:38:28 reyk Exp $
  318.  
  319. # This is the sshd server system-wide configuration file. See
  320. # sshd_config(5) for more information.
  321.  
  322. # This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin
  323.  
  324. # The strategy used for options in the default sshd_config shipped with
  325. # OpenSSH is to specify options with their default value where
  326. # possible, but leave them commented. Uncommented options change a
  327. # default value.
  328.  
  329. #Port 22
  330. #Protocol 2,1
  331. Protocol 2
  332. #AddressFamily any
  333. #ListenAddress 0.0.0.0
  334. #ListenAddress ::
  335.  
  336. # HostKey for protocol version 1
  337. #HostKey /etc/ssh/ssh_host_key
  338. # HostKeys for protocol version 2
  339. #HostKey /etc/ssh/ssh_host_rsa_key
  340. #HostKey /etc/ssh/ssh_host_dsa_key
  341.  
  342. # Lifetime and size of ephemeral version 1 server key
  343. #KeyRegenerationInterval 1h
  344. #ServerKeyBits 768
  345.  
  346. # Logging
  347. # obsoletes QuietMode and FascistLogging
  348. #SyslogFacility AUTH
  349. SyslogFacility AUTHPRIV
  350. #LogLevel INFO
  351.  
  352. # Authentication:
  353.  
  354. #LoginGraceTime 2m
  355. PermitRootLogin no
  356. #StrictModes yes
  357. #MaxAuthTries 6
  358.  
  359. #RSAAuthentication yes
  360. #PubkeyAuthentication yes
  361. #AuthorizedKeysFile .ssh/authorized_keys
  362.  
  363. # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
  364. #RhostsRSAAuthentication no
  365. # similar for protocol version 2
  366. #HostbasedAuthentication no
  367. # Change to yes if you don't trust ~/.ssh/known_hosts for
  368. # RhostsRSAAuthentication and HostbasedAuthentication
  369. #IgnoreUserKnownHosts no
  370. # Don't read the user's ~/.rhosts and ~/.shosts files
  371. #IgnoreRhosts yes
  372.  
  373. # To disable tunneled clear text passwords, change to no here!
  374. #PasswordAuthentication yes
  375. #PermitEmptyPasswords no
  376. PasswordAuthentication no
  377.  
  378. # Change to no to disable s/key passwords
  379. #ChallengeResponseAuthentication yes
  380. ChallengeResponseAuthentication no
  381.  
  382. # Kerberos options
  383. #KerberosAuthentication no
  384. #KerberosOrLocalPasswd yes
  385. #KerberosTicketCleanup yes
  386. #KerberosGetAFSToken no
  387.  
  388. # GSSAPI options
  389. #GSSAPIAuthentication no
  390. GSSAPIAuthentication no
  391. #GSSAPICleanupCredentials yes
  392. GSSAPICleanupCredentials no
  393.  
  394. # Set this to 'yes' to enable PAM authentication, account processing,
  395. # and session processing. If this is enabled, PAM authentication will
  396. # be allowed through the ChallengeResponseAuthentication mechanism.
  397. # Depending on your PAM configuration, this may bypass the setting of
  398. # PasswordAuthentication, PermitEmptyPasswords, and
  399. # "PermitRootLogin without-password". If you just want the PAM account and
  400. # session checks to run without PAM authentication, then enable this but set
  401. # ChallengeResponseAuthentication=no
  402. #UsePAM no
  403. UsePAM yes
  404.  
  405. # Accept locale-related environment variables
  406. AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
  407. AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
  408. AcceptEnv LC_IDENTIFICATION LC_ALL
  409. #AllowTcpForwarding yes
  410. #GatewayPorts no
  411. #X11Forwarding no
  412. X11Forwarding no
  413. #X11DisplayOffset 10
  414. #X11UseLocalhost yes
  415. #PrintMotd yes
  416. #PrintLastLog yes
  417. #TCPKeepAlive yes
  418. #UseLogin no
  419. UsePrivilegeSeparation no
  420. #PermitUserEnvironment no
  421. #Compression delayed
  422. #ClientAliveInterval 0
  423. #ClientAliveCountMax 3
  424. #ShowPatchLevel no
  425. #UseDNS yes
  426. #PidFile /var/run/sshd.pid
  427. #MaxStartups 10
  428. #PermitTunnel no
  429.  
  430. # no default banner path
  431. #Banner /some/path
  432.  
  433. # override default of no subsystems
  434. Subsystem sftp /usr/libexec/openssh/sftp-server
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!