Configure SSHD in Mandrake 9.0

[Shadow07]

Does anyone know of any good articles on how to configure SSHD on Mandrake 9.0? I have gerenated the RSA/DSA key pair, and the service has started. However, I cannot connect with F-Secure SSH client with password authentication.

Any suggestions?

Thanks.

 

[n0cmonkey]

Is this SSH.com's sshd or OpenSSH's sshd?

If its OpenSSH:
Check out openssh.com's docs. They are typically pretty good.
post your /etc/ssh/sshd_config
Post whether you installed from Mandrake RPMs or compiled from source.

 

[Shadow07]

It is just a basic install. I just installed Mandrake 9.0 (Internet Installation CD's), and I selected to have the SSHD installed during setup. I have created the RSA and DSA keys.

I have added the following lines:

LoginGraceTIme 600
PermitRootLogin no
PasswordAuthentication yes
PermitEmptyPasswords no

That is it. All I want to do is allow local users to SSH into this server. I want only password authentication, as I don't want to manage public keys on the local server.

Thanks.

 

[Shadow07]

sshd version OpenSSH_3.4p1

 

[n0cmonkey]

Does your client give you any errors? Does it connect? Try running a cli client with -v for verbose so you can see what is going on.

 

[Shadow07]

I'm using the F-Secure SSH Client for WIN32. The version I'm running on the client is 5.2 Build 11. I've never had any problems using the client before when attempting an SSH connection.

This is what I'm getting when I enable debugging on the client:

debug: OnKillFocus: old mask 0
debug: constructor
debug: Connect()
debug: CBConnectDone
debug: Setting new keys and algorithms
debug: Allocating cipher: name: none, key_len: 16.
debug: Setting new keys and algorithms
debug: Allocating cipher: name: none, key_len: 16.
debug: client supports 1 auth methods: 'password'
debug: local ip = 192.168.2.15, local port = 3370
debug: remote ip = 192.168.2.14, remote port = 22
debug: remote hostname is "192.168.2.14".
debug: Wrapping...
debug: Disconnecting: reason code: 10 message: 'Connection closed by remote host.'
debug: DISCONNECT received: Connection closed by remote host.
debug: CBAuthenticated(result 0)
debug: CBDisconnect(reason 10, local 1, msg Connection closed by remote host.
debug: OnKillFocus: old mask 0
debug: CBDestroyNotify
debug: Destroying SshConn object.
debug: Destroying transport stream.
debug: Destroying SshTransportCommon object.
debug: Cleaning up after a key exchange.
debug: CBDestroyProtocol
debug: destructor
debug: Freeing pki. (host_pki != NULL, user_pki = NULL)
debug: Free certificate manager.
debug: memory left 0


I believe the problem is with the server. I can telnet to port 22, but obviously I'm not going to be able to connect with just a telnet session.

All I want to do is be able to connect to it and authenticate with local usernames/passwords. I don't want to create a VPN connection, and I don't want others to be able to use this SSHD as a VPN server. I already have a VPN server up and running.

Thanks.

 

[Nothinman]

Check the logs in /var/log and/or run sshd in debug mode.

 

[Shadow07]

Well, I checked for a log file in the location you told me, and I didn't find one. However, I ran SSHD -d, and when I attempted to connect, I got the following from the command line on the linux box:

debug1: Connection refused by tcp wrapper

And the session is then dropped, and I get the error on the client that it couldn't connect.

HELP!!!!!!!!!!

 

[cleverhandle]

Make sure you're allowing connections in /etc/hosts.allow and /etc/hosts.deny. See the hosts_access man page for details.

 

[Shadow07]

But I don't want to have to enter in every single IP address or host name. I just want to be able to authenticate using a username and password combo. If I need to put the public key of the workstation on the server, then I can do that.

 

[Nothinman]

/var/log is a directory containing log files.

hosts.deny is too strict then, the aforementioned hosts_access man page describes the format of the files.

 

[Shadow07]

I have figured it out. I was because in the HOSTS.DENY file, it would deny all but the local host. I guess this is what happens when you install the server in HIGH SECURITY mode.

It's working now as it should.

Thanks.

 

[Shadow07]

Ok. I have rebooted the server, and now the same entry in the HOSTS.DENY file has come back. Where would I prevent this change from? Also, since I don't have XWindows running, or have xfree86 installed, how would I go about removing some services that start during bootup. Like, IPTABLES and SHOREWALL for instance?

Thanks.

 

[n0cmonkey]

Originally posted by: Shadow07
Ok. I have rebooted the server, and now the same entry in the HOSTS.DENY file has come back. Where would I prevent this change from?

Check your startup scripts. Also, with RedHat I think there is a daemon or something that is running at high level sec, it may be the same for Mandrake.

Also, since I don't have XWindows running, or have xfree86 installed, how would I go about removing some services that start during bootup. Like, IPTABLES and SHOREWALL for instance?

Thanks.

What does X have to do with removing IPTables and Shorewall from startup?

Edit your /etc/rc3.d scripts/links.

 

[Shadow07]

I know how to stop services within an Xwindows session (i.e. using SystemDrake, or the Control Panel). I believe I searched through those scripts, but I'm not completely certain. I will look through them today.

Thanks.