Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

SSH failure, putty client log has 2005-10-10 17:19:27 Keyboard-inter

from [Alvin Wong] Network Security [Permanent Link]
Subject: SSH failure, putty client log has 2005-10-10 17:19:27 Keyboard-interactive authentication refused
Date: Tue, 11 Oct 2005 09:50:14 +0800 
Hi All,

I'm having problems accessing ssh for the following version , installed on Solaris 8

OpenSSH_4.2p1, OpenSSL 0.9.8 05 Jul 2005

When i ssh in from my LAN <http://www.experts-exchange.com/Security/Unix_Security/Q_21589363.html#>, it does not give me any problems. However when i set up a NAT from an external ip <http://www.experts-exchange.com/Security/Unix_Security/Q_21589363.html#> to this ip and i perform ssh to this external ip, i get the following error in putty client log

2005-10-10 17:19:27 Keyboard-interactive authentication <http://www.experts-exchange.com/Security/Unix_Security/Q_21589363.html#> refused

also, i get "access denied" from the console and any passwords for any user account fails.

In addition, 1 thing funny is that i noticed there is this message when i login via external ip:

                           ****USAGE WARNING****

This is a private computer system <http://www.experts-exchange.com/Security/Unix_Security/Q_21589363.html#>. This computer <http://www.experts-exchange.com/Security/Unix_Security/Q_21589363.html#> system, including all
related equipment, networks, and network devices (specifically including
Internet access) are provided only for authorized use. This computer system
may be monitored for all lawful purposes, including to ensure that its use
is authorized, for management of the system, to facilitate protection against
unauthorized access, and to verify security procedures, survivability, and
operational security. Monitoring includes active attacks by authorized entities
to test or verify the security of this system. During monitoring, information
may be examined, recorded, copied and used for authorized purposes. All
information, including personal information, placed or sent over this system
may be monitored.

Use of this computer system, authorized or unauthorized, constitutes consent
to monitoring of this system. Unauthorized use may subject you to criminal
prosecution. Evidence of unauthorized use collected during monitoring may be
used for administrative, criminal, or other adverse action. Use of this system
constitutes consent to monitoring for these purposes.
-------------------------------------------------------------
Here's my sshd config below, is there anything that i've done wrong here?

Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /usr/local/etc/ssh_host_key
HostKey /usr/local/etc/ssh_host_rsa_key
HostKey /usr/local/etc/ssh_host_dsa_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
KeepAlive yes

# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging
#RhostsAuthentication no
#
# For this to work you will also need host keys in /usr/local/etc/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
#AllowedAuthentications keyboard-interactive

# Comment to enable s/key passwords or PAM interactive authentication
# NB. Neither of these are compiled in by default. Please read the
# notes in the sshd(8) manpage before enabling this on a PAM system.
ChallengeResponseAuthentication no

# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no

# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes

#CheckMail yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net
ReverseMappingCheck no
Subsystem       sftp    /usr/local/libexec/sftp-server

I also added tcp wrappers though, i'm not sure if that's the reason why the whole thing is failing though cos i can still ssh in without any problems.

As in, i get the prompt except authentication fails when i type in the password.

Any ssh experts out there who can shed light on this problem? Or is there some setting i need to set in my firewall to allow other ports than port 22 to come in?

Thanks in Advance,
Alvin

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  setting env. var in authorized_keys, 3.5p1, bobby temper
Next by Date:  Re: setting env. var in authorized_keys, 3.5p1, Derek Martin
Previous by Thread:  setting env. var in authorized_keys, 3.5p1, bobby temper
Next by Thread:  Re: SSH failure, putty client log has 2005-10-10 17:19:27 Keyboard-interactive authentication refused, Bartek Krajnik
Indexes:  [Date] [Thread] [Top] [All Lists]