SSH broken after Snow Leopard Upgrade

Discussion in 'macOS' started by stevegut78, Sep 8, 2009.

  1. stevegut78 macrumors member

    Joined:
    Feb 1, 2008
    #1
    Ok ever since the SL upgrade I cant ssh to my machine. I can't even ssh to it locally. I use ssh in order to work around the screen sharing without mobile me subscription. Ssh does not accept my password and after 3 failed attempts it quits. I've done ssh-keygen, sudo ssh... and even tried the full path /usr/bin/ssh (which I believed worked once) but I may have been hallucinating from all the madness.

    Here's the verbose logging...I'm afraid to muck with the ssh config files...Why would this all of a sudden stop working? Any ideas?

    xxxx-mac-pro:~ xxx$ sudo /usr/bin/ssh -v -L 6900:127.0.0.1:5900 -N user@dyndnsdomain.org
    Password:
    OpenSSH_5.1p1, OpenSSL 0.9.7l 28 Sep 2006
    debug1: Reading configuration data /etc/ssh_config
    debug1: Applying options for *
    debug1: Connecting to dyndnsdomain.org [0.0.0.0] port 22.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /var/root/.ssh/identity type -1
    debug1: identity file /var/root/.ssh/id_rsa type -1
    debug1: identity file /var/root/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.2
    debug1: match: OpenSSH_5.2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.1
    debug1: Unspecified GSS failure. Minor code may provide more information
    No credentials cache found

    debug1: Unspecified GSS failure. Minor code may provide more information
    No credentials cache found

    debug1: Unspecified GSS failure. Minor code may provide more information


    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client aes128-cbc hmac-md5 none
    debug1: kex: client->server aes128-cbc hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'dyndnsdomain.org' is known and matches the RSA host key.
    debug1: Found key in /var/root/.ssh/known_hosts:1
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Trying private key: /var/root/.ssh/identity
    debug1: Trying private key: /var/root/.ssh/id_rsa
    debug1: Trying private key: /var/root/.ssh/id_dsa
    debug1: Next authentication method: keyboard-interactive
    Password:
    debug1: Authentications that can continue: publickey,keyboard-interactive
    Password:
    debug1: Authentications that can continue: publickey,keyboard-interactive
    Password:
    debug1: Authentications that can continue: publickey,keyboard-interactive
    debug1: No more authentication methods to try.
    Permission denied (publickey,keyboard-interactive).
     
  2. electroshock macrumors 6502a

    electroshock

    Joined:
    Sep 7, 2009
    #2
    All righty... here's what you do:

    $ sudo -s
    # /usr/sbin/sshd -p 27 -d

    Then in another window (preferrably when you're already on the Mac):

    $ ssh -v -p 27 localhost

    ...and try to login. It may fail, but the information from the sshd debug mode may help better pinpoint the exact reason for the auth failure.
     
  3. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #3
    Thanks for the fast response. I will try when I get home and post back.
     
  4. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #4
    ahhhh I'm an idiot. The local ssh worked which started getting me thinking... I recently did a fresh install on the ssh host and the username is the same but I had started it with a capital letter...I was forgetting that! DOH! Thanks, you got my mind working the right way :)
     
  5. electroshock macrumors 6502a

    electroshock

    Joined:
    Sep 7, 2009
    #5
    :)

    Glad to hear it worked out. I've certainly had days like that!
     
  6. jchiar macrumors newbie

    Joined:
    Mar 12, 2008
    #6
    I am having issues after snow leopard.
    I did what you stated and i see the issue. I got a workaround for allowing "keyboard interactive" authentication, but it wont allow save passwords.

    "debug1: Authentications that can continue: publickey,keyboard-interactive"

    How can you add "password" authentications?
     
  7. jchiar macrumors newbie

    Joined:
    Mar 12, 2008
    #7
    Acutually after researching, it appears "password authentication" is probably a bad option to choose.

    It appears it allows hacker to pound your system with password hack schemes.

    Going to try to use Public key/ private keys.
    Anyone have experience setting this up under Snow Leopard?
     

Share This Page