[Trilug-ontopic] ssh - someone changed something and I have to change it back..
Greg Brown
gwbrown1 at gmail.com
Tue Jul 19 14:42:07 EDT 2011
Ok, so I've got a test and dev system I use for writing scripts and whatnot.
Someone changed sshd_config or ssh_config and I can't for the life of me
figure out what or where but it's causing my perl/Net::SSH::Expect scripts
to fail. EACH and EVERY time I try to log into something with
Net::SSH::Expect it hangs and barfs back:
"Enter passphrase for key '/home/netadmin/.ssh/id_dsa':
...where it did not before which leads me to believe someone has turned
strict host key checking off. That turns out not to be the case, at least
according to the ssh config files. I've got as far as creating a 2nd VM on
another machine and comparing and copying the ssh_config and sshd_config
files back to the broken test machine (and restarting ssh and later just
rebooting the damn thing).
System is: Linux debian 2.6.26-2-686 #1 SMP Thu Jan 27 00:28:05 UTC 2011
i686 GNU/Linux
I'm missing something very basic and very rudimentary. Does anyone know
what?
Here are the files in question stripped of comments (and commented out
lines) and blanks:
cat ssh_config | grep -v "#" | grep -v "^$"****
Host *****
SendEnv LANG LC_*****
HashKnownHosts yes****
GSSAPIAuthentication yes****
GSSAPIDelegateCredentials no****
** **
cat sshd_config | grep -v "#" | grep -v "^$"****
Port 22****
Protocol 2****
HostKey /etc/ssh/ssh_host_rsa_key****
HostKey /etc/ssh/ssh_host_dsa_key****
UsePrivilegeSeparation yes****
KeyRegenerationInterval 3600****
ServerKeyBits 768****
SyslogFacility AUTH****
LogLevel INFO****
LoginGraceTime 120****
PermitRootLogin yes****
StrictModes yes****
RSAAuthentication yes****
PubkeyAuthentication yes****
IgnoreRhosts yes****
RhostsRSAAuthentication no****
HostbasedAuthentication no****
PermitEmptyPasswords no****
ChallengeResponseAuthentication no****
X11Forwarding yes****
X11DisplayOffset 10****
PrintMotd no****
PrintLastLog yes****
TCPKeepAlive yes****
AcceptEnv LANG LC_*****
Subsystem sftp /usr/lib/openssh/sftp-server****
UsePAM yes
Greg
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.trilug.org/pipermail/trilug-ontopic/attachments/20110719/2eaa2373/attachment.htm>
More information about the Trilug-ontopic
mailing list