| View previous topic :: View next topic |
| Author |
Message |
massysett
Apprentice
Joined: 06 Jan 2006
Posts: 296
Location: Silver Spring, Maryland USA
|
 Posted: Sat Jan 07, 2006 4:48 am Post subject: [SOLVED] Only root can use ssh |
 |
|
I am trying to use ssh to connect to a remote machine. If I do this as root, everything works fine. If I do this as a regular user, I get "Host key authentication failed." Why can't I do it as a regular user?
Thanks.
Omari
Last edited by massysett on Sat Jan 07, 2006 4:02 pm; edited 1 time in total |
|
| Back to top |
|
 |
Voorhees51
Guru
Joined: 05 Nov 2003
Posts: 358
|
| Posted: Sat Jan 07, 2006 5:39 am Post subject: |
|
|
| Can you post your sshd_config file from the server you're trying to connect to, so we can check it |
|
| Back to top |
|
|
massysett
Apprentice
Joined: 06 Jan 2006
Posts: 296
Location: Silver Spring, Maryland USA
|
| Posted: Sat Jan 07, 2006 5:55 am Post subject: |
|
|
| Voorhees51 wrote: | | Can you post your sshd_config file from the server you're trying to connect to, so we can check it |
Sure, thanks. Most of it is commented out.
# $OpenBSD: ssh_config,v 1.20 2005/01/28 09:45:53 dtucker Exp $
# This is the ssh client system-wide configuration file. See
# ssh_config(5) for more information. This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for some commonly used options. For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.
Host *
# ForwardAgent no
# ForwardX11 no
# If you do not trust your remote host (or its administrator), you
# should not forward X11 connections to your local X11-display for
# security reasons: Someone stealing the authentification data on the
# remote side (the "spoofed" X-server by the remote sshd) can read your
# keystrokes as you type, just like any other X11 client could do.
# Set this to "no" here for global effect or in your own ~/.ssh/config
# file if you want to have the remote X11 authentification data to
# expire after two minutes after remote login.
ForwardX11Trusted yes
# RhostsRSAAuthentication no
# RSAAuthentication yes
# PasswordAuthentication yes
# HostbasedAuthentication no
# BatchMode no
# CheckHostIP yes
# AddressFamily any
# ConnectTimeout 0
# StrictHostKeyChecking ask
# IdentityFile ~/.ssh/identity
# IdentityFile ~/.ssh/id_rsa
# IdentityFile ~/.ssh/id_dsa
# Port 22
# Protocol 2,1
# Cipher 3des
# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
# EscapeChar ~
# GSSAPIAuthentication no
# GSSAPIDelegateCredentials no
# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication
# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included
# in this release. The use of 'gssapi' is deprecated due to the presence of
# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to.
# GSSAPIEnableMITMAttack no
# This enables sending locale enviroment variables LC_* LANG, see ssh_config(5).
SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
SendEnv LC_IDENTIFICATION LC_ALL |
|
| Back to top |
|
|
massysett
Apprentice
Joined: 06 Jan 2006
Posts: 296
Location: Silver Spring, Maryland USA
|
| Posted: Sat Jan 07, 2006 6:02 am Post subject: |
|
|
| Oh, and this happens even when I connect to a server different from the one whose file I posted in above--root works fine, users don't. (I can't get the config file for the other server though.) |
|
| Back to top |
|
|
notroot
n00b
Joined: 06 Jan 2006
Posts: 8
Location: /dev/null
|
| Posted: Sat Jan 07, 2006 6:39 am Post subject: |
|
|
| Are you sure those users exist on the server? SSH alows you to connect as users that exist on the server only. root obviously exist on every machine. You can't log in as a user on the client side to a server. (unless both users exist) |
|
| Back to top |
|
|
massysett
Apprentice
Joined: 06 Jan 2006
Posts: 296
Location: Silver Spring, Maryland USA
|
| Posted: Sat Jan 07, 2006 6:46 am Post subject: |
|
|
| notroot wrote: | | Are you sure those users exist on the server? SSH alows you to connect as users that exist on the server only. root obviously exist on every machine. You can't log in as a user on the client side to a server. (unless both users exist) |
It should work fine as long as I say "ssh username@server.com". Besides, there certainly is a root on my web hosting company's server, but you better believe they're not letting me log on as that  I have logged on as "ssh username@server.com" from SUSE just fine. |
|
| Back to top |
|
|
massysett
Apprentice
Joined: 06 Jan 2006
Posts: 296
Location: Silver Spring, Maryland USA
|
| Posted: Sat Jan 07, 2006 4:02 pm Post subject: |
|
|
I ran into this problem using baselayout 1.12. When using that I ran into other problems that I, as a Genoo n00b, am certainly not qualified to fix...so I went back down to the stable version of baselayout.
This also solved my problem with ssh. How they're related, I have no idea... |
|
| Back to top |
|
|
|
Networking & Security
