~/console/lab-notizen/mrv|569% ssh InReach@mrvir InReach@mrvir's password: InReach:0 >enable Password:******** InReach:0 >>show subscriber mylocal char Subscriber Name: mylocal Rlogin Ded. Service: Preferred Service: Dedicated Service: Security: User Login Mode : CLI User Password: Enabled Maximum Connections: 5 Maximum Sessions: 4 Command Logging: Disabled Audit Logging : Disabled Idle Timeout: 0 User Prompt: mylocal Web Login Mode: Config Screen Pause: Enabled Forward Switch: ^F Local Switch: ^L Backward Switch: ^B Rlogin Transparent: Disabled Dialback Feature: Disabled Dialback Number: Menu Name: /config/M_mylocal Web Menu Name: /config/M_mylocal Port Access list: 0-3 Remote Access list: Ssh Web_Server Console Outlet Access list: Outlet Group Access list: InReach:0 >>exit InReach:0 >~. ----------^ Syntax Error InReach:0 >Connection to mrvir closed. ~/console/lab-notizen/mrv|570% ssh -v mylocal@mrvir -p 2422 OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to mrvir [192.168.101.5] port 2422. debug1: Connection established. debug1: identity file /home/ottonormal/.ssh/identity type 0 debug1: identity file /home/ottonormal/.ssh/id_rsa type 1 debug1: identity file /home/ottonormal/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version LXSSH_3.7.1 debug1: no match: LXSSH_3.7.1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'mrvir' is known and matches the RSA host key. debug1: Found key in /home/ottonormal/.ssh/known_hosts:128 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering public key: /home/ottonormal/.ssh/id_rsa debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Offering public key: /home/ottonormal/.ssh/id_dsa debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: keyboard-interactive debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: password mylocal@mrvir's password: debug1: Authentications that can continue: publickey,password,keyboard-interactive Permission denied, please try again. mylocal@mrvir's password: debug1: Authentications that can continue: publickey,password,keyboard-interactive Permission denied, please try again. mylocal@mrvir's password: debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: No more authentication methods to try. Permission denied (publickey,password,keyboard-interactive). debug1: Calling cleanup 0x80645d0(0x0) ~/console/lab-notizen/mrv|571% [ 3 times, right pw entered and correctly access denied. Then stored public rsa key with the web GUI] ~/console/lab-notizen/mrv|572% ssh -v mylocal@mrvir -p 2422 OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to mrvir [192.168.101.5] port 2422. debug1: Connection established. debug1: identity file /home/ottonormal/.ssh/identity type 0 debug1: identity file /home/ottonormal/.ssh/id_rsa type 1 debug1: identity file /home/ottonormal/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version LXSSH_3.7.1 debug1: no match: LXSSH_3.7.1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'mrvir' is known and matches the RSA host key. debug1: Found key in /home/ottonormal/.ssh/known_hosts:128 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: publickey debug1: Offering public key: /home/ottonormal/.ssh/id_rsa debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Offering public key: /home/ottonormal/.ssh/id_dsa debug1: Server accepts key: pkalg ssh-dss blen 434 debug1: Authentication succeeded (publickey). debug1: channel 0: new [client-session] debug1: Entering interactive session. Welcome to SuSE Linux 9.3 (i586) - Kernel 2.6.12.2 (ttyS0). susi login: ------- # on the log server, with password based authentication: Jul 11 16:20:53 mrvir -sshd: Local Login incorrect for mylocal Jul 11 16:21:03 mrvir -sshd: This subscriber is not allowed to connect: user: mylocal protocol: Console port: 2422 :Msg 25 Jul 11 16:21:03 mrvir -sshd[1785]: Failed password for mylocal from 192.168.100.2 port 51959 ssh2 Jul 11 16:21:06 mrvir -sshd[1785]: This subscriber is not allowed to connect: user: mylocal protocol: Console port: 2422 :Msg 25 Jul 11 16:21:06 mrvir -sshd[1785]: Failed password for mylocal from 192.168.100.2 port 51959 ssh2 Jul 11 16:21:11 mrvir -sshd[1785]: Local Login incorrect for mylocal Jul 11 16:21:11 mrvir -sshd[1785]: Failed password for mylocal from 192.168.100.2 port 51959 ssh2 Jul 11 16:21:11 mrvir -sshd[1785]: Connection closed by 192.168.100.2 [..] # key saved with the GUI: Jul 11 16:22:25 mrvir GUI Server[1782]: Conf-Info InReach Tcp/1782 3 0 2071 ssh-dss [my-public-ssh-dsa-key] [..] # now with ssh pub key based authentication: Jul 11 16:22:36 mrvir -sshd: Local Login incorrect for mylocal Jul 11 16:22:37 mrvir -sshd[1789]: calling MainVirtualListener(device = Tcp/1789) from lx_userauth_pubkey Jul 11 16:22:37 mrvir -sshd[1789]: Logging in with service type NAS Prompt User for user mylocal on tcp port 2422 :Msg 26 Jul 11 16:22:37 mrvir -sshd[1789]: Accepted publickey for mylocal from 192.168.100.2 port 48273 ssh2