From owner-ssh@clinet.fi Tue Jun 22 12:20:27 1999 Received: from lohi.clinet.fi (majordom@lohi.clinet.fi [194.100.0.7]) by hutcs.cs.hut.fi (8.8.8/8.8.8) with ESMTP id MAA12233; Tue, 22 Jun 1999 12:20:23 +0300 (EET DST) Received: (from majordom@localhost) by lohi.clinet.fi (8.9.1/8.9.0) id LAA12438 for ssh-outgoing; Tue, 22 Jun 1999 11:37:28 +0300 (EEST) Received: from mailsorter-103-2.iap.bryant.webtv.net (mailsorter-103-2.iap.bryant.webtv.net [209.240.198.103]) by lohi.clinet.fi (8.9.1/8.9.0) with ESMTP id LAA12329 for ; Tue, 22 Jun 1999 11:37:08 +0300 (EEST) Received: from admin-101.iap.bryant.webtv.net (admin-101.iap.bryant.webtv.net [209.240.198.123]) by mailsorter-103-2.iap.bryant.webtv.net (8.8.8/ms.gso.01Apr98) with ESMTP id BAA23053; Tue, 22 Jun 1999 01:36:22 -0700 (PDT) Received: (from production@localhost) by admin-101.iap.bryant.webtv.net (8.8.8/mt.gso.26Feb98) id BAA27816; Tue, 22 Jun 1999 01:36:22 -0700 (PDT) Received: from mailsorter-102-2.iap.bryant.webtv.net (209.240.198.99) by postoffice-161.iap.bryant.webtv.net with WTV-SMTP; Thu, 17 Jun 1999 21:23:56 -0700 (PDT) Received: from lohi.clinet.fi (lohi.clinet.fi [194.100.0.7]) by mailsorter-102-2.iap.bryant.webtv.net (8.9.3/ms.graham.2jul97) with ESMTP id VAA09193 for ; Thu, 17 Jun 1999 21:23:55 -0700 (PDT) Received: (from majordom@localhost) by lohi.clinet.fi (8.9.1/8.9.0) id GAA27364 for ssh-outgoing; Fri, 18 Jun 1999 06:34:55 +0300 (EEST) X-Authentication-Warning: lohi.clinet.fi: majordom set sender to owner-ssh@clinet.fi using -f Received: from asgard.tky.hut.fi (asgard.tky.hut.fi [130.233.29.146]) by lohi.clinet.fi (8.9.1/8.9.0) with ESMTP id GAA27359 for ; Fri, 18 Jun 1999 06:34:53 +0300 (EEST) Received: (from sjl@localhost) by asgard.tky.hut.fi (8.9.2/8.9.2) id FAA02513; Fri, 18 Jun 1999 05:27:58 -0400 (EDT) From: Sami Lehtinen MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="46W5noqxdA" Content-Transfer-Encoding: 7bit Date: Fri, 18 Jun 1999 05:27:58 -0400 (EDT) To: (A. Rich) Cc: ssh@clinet.fi Subject: weird host based authentication behaviour In-Reply-To: <14185.37416.506589.376322@sekrit.office.oceanwave.com> References: <14185.37416.506589.376322@sekrit.office.oceanwave.com> X-Mailer: VM 6.43 under 20.4 "Emerald" XEmacs Lucid Message-ID: <14186.4182.65487.7754@asgard.tky.hut.fi> Sender: owner-ssh@clinet.fi Precedence: bulk --46W5noqxdA Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit A. Rich writes: : in my $HOME/.ssh2/identification file I have (though I'm not really sure : whether or not it's needed): : : IdKey id_dsa_1024_a It is not necessary to set up pubkey-authentication to use hostbased authentication. : in $HOME/.ssh2/knownhosts/remote.host.com.ssh-dss.pub I have the remote : server's /etc/ssh2/hostkey.pub. : : : When I connect from the remote host, I'm still prompted for a password, but I : can hit return or put anything in as my password and then it logs me in. The : behaviour I expect is not to be prompted for a password at all. I'm guessing : I missed something simple, but I'm not sure what. Please try this patch. Inform me of the outcome. --46W5noqxdA Content-Type: text/plain Content-Disposition: inline; filename="patch-ssh-2.0.13-hostbased.before.pubkey" Content-Transfer-Encoding: 7bit To apply this patch, cd to your ssh-2.0.13 source directory, and issue the following command: % patch -p1 -l < patch-ssh-2.0.13-hostbased.before.pubkey You then should % make clean % make % su Password: # make install Sami Lehtinen #End prologue diff -u -r1.1.1.1 sshauthmethods.c --- ssh-2.0.13.orig/apps/ssh/sshauthmethods.c 1999/04/09 01:46:18 1.1.1.1 +++ ssh-2.0.13/apps/ssh/sshauthmethods.c 1999/06/18 03:16:02 @@ -25,9 +25,9 @@ static SshAuthServerMethod server_methods[] = { + { SSH_AUTH_HOSTBASED, ssh_server_auth_hostbased }, { SSH_AUTH_PUBKEY, ssh_server_auth_pubkey }, { SSH_AUTH_PASSWD, ssh_server_auth_passwd }, - { SSH_AUTH_HOSTBASED, ssh_server_auth_hostbased }, { NULL, NULL } }; diff -u -r1.1.1.1 sshauthmethodc.c --- ssh-2.0.13.orig/apps/ssh/sshauthmethodc.c 1999/04/09 01:45:51 1.1.1.1 +++ ssh-2.0.13/apps/ssh/sshauthmethodc.c 1999/06/18 03:15:47 @@ -29,9 +29,9 @@ SshAuthClientMethod ssh_client_auth_methods[] = { + { SSH_AUTH_HOSTBASED, ssh_client_auth_hostbased }, { SSH_AUTH_PUBKEY, ssh_client_auth_pubkey }, { SSH_AUTH_PASSWD, ssh_client_auth_passwd }, - { SSH_AUTH_HOSTBASED, ssh_client_auth_hostbased }, { NULL, NULL } }; --46W5noqxdA Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit -- [sjl@ssh.fi -- Sami J. Lehtinen -- sjl@iki.fi] [work:+358 9 43543214][gsm:+358 50 5170 258][http://www.iki.fi/~sjl] [SSH Communications Security Ltd. http://www.ssh.fi/] --46W5noqxdA--