FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 09-10-2010, 07:24 PM
brownh
 
Default SSH: remote login returns "invalid user"

Sorry for a FAQ, but I searched around without sucess. I'm runing
debian a local LAN and can ssh between the hosts without a
problem. However, I intend to use one host remotely (a laptop that I
want to use to access my home machine). I do not have password
encryption set up. My LAN is three machines connected to a common hub
using the same domain name.

I ssh successfully between local hosts on my LAN in this fashion:

$ ssh -X account@localhostname

To prepare for taking my laptop into the field, I try this to access
my home machine (server):

# ssh -X account@domainname

In the server's /var/log/auth.log I get:

Sep 10 13:04:37 engels sshd[27266]: Failed none for invalid user
brownh from 192.168.1.4 port 33279 ssh2

Here the password is "none", which suggests to me that is is not
getting the password, although it is typed in at the Password:
prompt. Then the user brownh (my account on the client host which is
initiating the ssh connection) is not valid, although the its IP
address is right.

Haines Brown



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 87mxrpbdvt.fsf@teufel.historicalMaterialism.info"> http://lists.debian.org/87mxrpbdvt.fsf@teufel.historicalMaterialism.info
 
Old 09-10-2010, 08:59 PM
Claudius Hubig
 
Default SSH: remote login returns "invalid user"

brownh <brownh@historicalMaterialism.info> wrote:
>Sorry for a FAQ, but I searched around without sucess. I'm runing
>debian a local LAN and can ssh between the hosts without a
>problem. However, I intend to use one host remotely (a laptop that I
>want to use to access my home machine). I do not have password
>encryption set up. My LAN is three machines connected to a common hub
>using the same domain name.
>
>I ssh successfully between local hosts on my LAN in this fashion:
>
> $ ssh -X account@localhostname
>
>To prepare for taking my laptop into the field, I try this to access
>my home machine (server):
>
> # ssh -X account@domainname
>
>In the server's /var/log/auth.log I get:
>
> Sep 10 13:04:37 engels sshd[27266]: Failed none for invalid user
> brownh from 192.168.1.4 port 33279 ssh2
>
>Here the password is "none", which suggests to me that is is not
>getting the password, although it is typed in at the Password:
>prompt. Then the user brownh (my account on the client host which is
>initiating the ssh connection) is not valid, although the its IP
>address is right.
>
>Haines Brown

Could you post the file /etc/ssh/sshd_config from the server and the
files /etc/ssh/ssh_config and ~/.config from the client? You could
also try running ssh with -vv which usually outputs more information.

Best regards,

Claudius Hubig

--
I need to discuss BUY-BACK PROVISIONS with at least six studio SLEAZEBALLS!!

http://chubig.net/



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: i6e67o$pvh$1@dough.gmane.org">http://lists.debian.org/i6e67o$pvh$1@dough.gmane.org
 
Old 09-10-2010, 09:01 PM
Claudius Hubig
 
Default SSH: remote login returns "invalid user"

Claudius Hubig <nfs_2010@chubig.net> wrote:
>Could you post the file /etc/ssh/sshd_config from the server and the
>files /etc/ssh/ssh_config and ~/.config from the client? You could

I’m sorry, I meant to write ~/.ssh/config.

>also try running ssh with -vv which usually outputs more information.

Best regards,

Claudius
--
QOTD:
"There may be no excuse for laziness, but I'm sure looking."

http://chubig.net/



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: i6e6b1$pvh$2@dough.gmane.org">http://lists.debian.org/i6e6b1$pvh$2@dough.gmane.org
 
Old 09-11-2010, 11:15 AM
brownh
 
Default SSH: remote login returns "invalid user"

Claudius, thank you for troubling with my problem.

The problem, again: I have no trouble logging a client host
(brownh@teufel) [you are not old enough to remember Fritz and Rainer]
with a server host (haines@engels) over the LAN, but not over the
Internet, the client user account (brownh@historicalMaterialism.info)
to client user account (haines@historicalMaterialism.info)

$ ssh -vv haines@historicalMaterialism.info

...
debug1: Next authentication method: password
engels@historicalmaterialism.info's password:
debug2: we sent a password packet, wait for reply
debug1: Authentications that can continue: publickey,password
Permission denied, please try again.

I don't know if this means a file permission problem or if the
password was unacceptable. The password I provided was definitely that
of the account (haines) on the client machine (engels).

Here is ~/.ssh/ssh_config on client:

ForwardAgent yes
X11Forwarding yes

I did not edit the ssh_config files on client or server, and what
follows are the defaults.

Here is /etc/ssd/sshd_config file, via ssh, from server (I prune
commented lines):

# Package generated configuration file
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes

KeyRegenerationInterval 3600
ServerKeyBits 768

SyslogFacility AUTH
LogLevel INFO

LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes

IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no

PermitEmptyPasswords no

ChallengeResponseAuthentication no

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes

AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes

Here is /etc/ssh/sshd_config on client:

# Package generated configuration file
Port 22
Protocol 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
UsePrivilegeSeparation yes

KeyRegenerationInterval 3600
ServerKeyBits 768

SyslogFacility AUTH
LogLevel INFO

LoginGraceTime 120
PermitRootLogin yes
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes

IgnoreRhosts yes
RhostsRSAAuthentication no
HostbasedAuthentication no

PermitEmptyPasswords no

ChallengeResponseAuthentication no

X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes

AcceptEnv LANG LC_*

Subsystem sftp /usr/lib/openssh/sftp-server

UsePAM yes

Haines


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 87iq2cbkeu.fsf@teufel.historicalMaterialism.info"> http://lists.debian.org/87iq2cbkeu.fsf@teufel.historicalMaterialism.info
 
Old 09-11-2010, 01:23 PM
David Jardine
 
Default SSH: remote login returns "invalid user"

On Sat, Sep 11, 2010 at 07:15:53AM -0400, brownh wrote:
> Claudius, thank you for troubling with my problem.
>
> The problem, again: I have no trouble logging a client host
> (brownh@teufel) [you are not old enough to remember Fritz and Rainer]
> with a server host (haines@engels) over the LAN, but not over the
> Internet, the client user account (brownh@historicalMaterialism.info)
> to client user account (haines@historicalMaterialism.info)
>
> $ ssh -vv haines@historicalMaterialism.info
>
> ...
> debug1: Next authentication method: password
> engels@historicalmaterialism.info's password:
> debug2: we sent a password packet, wait for reply
> debug1: Authentications that can continue: publickey,password
> Permission denied, please try again.
>
> I don't know if this means a file permission problem or if the
> password was unacceptable. The password I provided was definitely that
> of the account (haines) on the client machine (engels).

Have you got /etc/hosts.allow and /etc/hosts.deny configured to allow
access from outside your local network?

Cheers,
David


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100911132306.GA1947@gennes.augarten">http://lists.debian.org/20100911132306.GA1947@gennes.augarten
 
Old 09-11-2010, 02:00 PM
brownh
 
Default SSH: remote login returns "invalid user"

David Jardine <david@jardine.de> writes:

> Have you got /etc/hosts.allow and /etc/hosts.deny configured to allow
> access from outside your local network?

David, good question. I had understood /etc/hosts.allow only as a way
to define a selection, and so left it empty for the server, for it
should allow any host to access.

However, I now discover that I have ALL: LOCAL on the client
machine. No idea why I put it there. I fear that this might in fact
prevent the kind of non-local ssh connections that I'm having
difficulties with. Is that so?

Haines


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 87aanobcsz.fsf@teufel.historicalMaterialism.info"> http://lists.debian.org/87aanobcsz.fsf@teufel.historicalMaterialism.info
 
Old 09-11-2010, 02:24 PM
David Jardine
 
Default SSH: remote login returns "invalid user"

On Sat, Sep 11, 2010 at 10:00:12AM -0400, brownh wrote:
> David Jardine <david@jardine.de> writes:
>
> > Have you got /etc/hosts.allow and /etc/hosts.deny configured to allow
> > access from outside your local network?
>
> David, good question. I had understood /etc/hosts.allow only as a way
> to define a selection, and so left it empty for the server, for it
> should allow any host to access.
>
> However, I now discover that I have ALL: LOCAL on the client
> machine. No idea why I put it there. I fear that this might in fact
> prevent the kind of non-local ssh connections that I'm having
> difficulties with. Is that so?

That ALL: LOCAL entry is there by default. I don't know much about this
myself, but

man hosts.allow

will give you all the details you want.

Cheers,
David


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100911142451.GA2153@gennes.augarten">http://lists.debian.org/20100911142451.GA2153@gennes.augarten
 
Old 09-11-2010, 04:57 PM
brownh
 
Default SSH: remote login returns "invalid user"

David Jardine <david@jardine.de> writes:

> That ALL: LOCAL entry is there by default. I don't know much about
> this myself, but

That would explain its presence on my lenny box, but my newly
installed sqeeze box has nothing uncommented in that file. So I guess
squeeze changed the default.

>From the manual, ALL:LOCAL in hosts.allow would admit connections with
local user accounts, and I get the sense that it overrides the default
ALL:ALL, which would exclude access from hosts not on the LOCAL LAN. I
don't expect to use this box as a server for hosts outside my LAN.

However, I don't see this as being relevant to my problem, for it is
not my (client) lenny machine that has a problem, but when lenny tries
to gain ssh access to the server, squeeze, and for this server, the
hosts.allow file is empty and so is open to the world.

I did comment the ALL:LOCAL on the lenny box, and tried to access it
by ssh from the squeeze box (the opposite direction to that I raised
in my question), but permission denied here as well.

So my problem is broader than just the configuration of one box. Just
to be sure, a sanity check: from the account
brownh@historicalMaterialism.info on one box I am trying to ssh to the
account haines@historicalMaterialism.info, on a different box on the
LAN. I can ssh from one user account to another on the LAN, but can't
ssh between them via my provider's server by appending the domain name
to the user account name:

$ ssh haines@historicalmaterialism.info

Haines


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 8762ycb4ku.fsf@teufel.historicalMaterialism.info"> http://lists.debian.org/8762ycb4ku.fsf@teufel.historicalMaterialism.info
 
Old 09-11-2010, 05:48 PM
Claudius Hubig
 
Default SSH: remote login returns "invalid user"

brownh <brownh@historicalMaterialism.info> wrote:
>Claudius, thank you for troubling with my problem.
>
>The problem, again: I have no trouble logging a client host
>(brownh@teufel) [you are not old enough to remember Fritz and Rainer]
>with a server host (haines@engels) over the LAN, but not over the
>Internet,

I’m sorry I have to ask again. You are trying to connect to a host "historicalmaterialism.info" and login as user "haines"? Why and how do you differentiate between client hosts and server hosts and most importantly

>the client user account (brownh@historicalMaterialism.info)
>to client user account (haines@historicalMaterialism.info)

that mean? Are you trying to connect to "historicalmaterialism.info"
from that very host, with your current account being "brownh" and you
want to login as "haines"?

Also:

> $ ssh -vv haines@historicalMaterialism.info

You tell ssh to log in as user haines on the host historicalmaterialism.info here.

>
> ...
> debug1: Next authentication method: password
> engels@historicalmaterialism.info's password:

But here, your username is suddenly engels – why?

> debug2: we sent a password packet, wait for reply
> debug1: Authentications that can continue: publickey,password
> Permission denied, please try again.


>I don't know if this means a file permission problem or if the
>password was unacceptable. The password I provided was definitely that
>of the account (haines) on the client machine (engels).

OK, maybe I completely misunderstood the syntax – but wasn’t the part
before the "@" the username you want to login as? Here you call
"engels" a client machine, while above, engels was a username!

>Here is ~/.ssh/ssh_config on client:
>
> ForwardAgent yes
> X11Forwarding yes

Looks sane.

>I did not edit the ssh_config files on client or server, and what
>follows are the defaults.
>
>Here is /etc/ssd/sshd_config file, via ssh, from server (I prune
>commented lines):
>
> # Package generated configuration file
> Port 22
> Protocol 2
> HostKey /etc/ssh/ssh_host_rsa_key
> HostKey /etc/ssh/ssh_host_dsa_key
> UsePrivilegeSeparation yes
>
> KeyRegenerationInterval 3600
> ServerKeyBits 768
>
> SyslogFacility AUTH
> LogLevel INFO
>
> LoginGraceTime 120
> PermitRootLogin yes
> StrictModes yes
>
> RSAAuthentication yes
> PubkeyAuthentication yes
>
> IgnoreRhosts yes
> RhostsRSAAuthentication no
> HostbasedAuthentication no
>
> PermitEmptyPasswords no
>
> ChallengeResponseAuthentication no
>
> X11Forwarding yes
> X11DisplayOffset 10
> PrintMotd no
> PrintLastLog yes
> TCPKeepAlive yes
>
> AcceptEnv LANG LC_*
>
> Subsystem sftp /usr/lib/openssh/sftp-server
>
> UsePAM yes

So does this.

>Here is /etc/ssh/sshd_config on client:
>
> # Package generated configuration file
> Port 22
> Protocol 2
> HostKey /etc/ssh/ssh_host_rsa_key
> HostKey /etc/ssh/ssh_host_dsa_key
> UsePrivilegeSeparation yes
>
> KeyRegenerationInterval 3600
> ServerKeyBits 768
>
> SyslogFacility AUTH
> LogLevel INFO
>
> LoginGraceTime 120
> PermitRootLogin yes
> StrictModes yes
>
> RSAAuthentication yes
> PubkeyAuthentication yes
>
> IgnoreRhosts yes
> RhostsRSAAuthentication no
> HostbasedAuthentication no
>
> PermitEmptyPasswords no
>
> ChallengeResponseAuthentication no
>
> X11Forwarding yes
> X11DisplayOffset 10
> PrintMotd no
> PrintLastLog yes
> TCPKeepAlive yes
>
> AcceptEnv LANG LC_*
>
> Subsystem sftp /usr/lib/openssh/sftp-server
>
> UsePAM yes

And this.

I would guess it’s a great confusion with usernames and hosts, but
I’m not sure.

Best regards,

Claudius Hubig

--
Anything worth doing is worth overdoing.

http://chubig.net/



--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: i6gfe8$1dg$1@dough.gmane.org">http://lists.debian.org/i6gfe8$1dg$1@dough.gmane.org
 
Old 09-11-2010, 06:02 PM
David Jardine
 
Default SSH: remote login returns "invalid user"

On Sat, Sep 11, 2010 at 12:57:53PM -0400, brownh wrote:
> David Jardine <david@jardine.de> writes:
>
> > That ALL: LOCAL entry is there by default. I don't know much about
> > this myself, but
>
> That would explain its presence on my lenny box, but my newly
> installed sqeeze box has nothing uncommented in that file. So I guess
> squeeze changed the default.
>
> >From the manual, ALL:LOCAL in hosts.allow would admit connections with
> local user accounts, and I get the sense that it overrides the default
> ALL:ALL, which would exclude access from hosts not on the LOCAL LAN. I
> don't expect to use this box as a server for hosts outside my LAN.

Then why are you worried that you can't access it from outside the LAN,
ie, from your ISP's server? If you can communicate within the LAN only,
isn't that what you want? Or have I misunderstood your intentions?

Cheers,
David


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Archive: 20100911180252.GA2107@gennes.augarten">http://lists.debian.org/20100911180252.GA2107@gennes.augarten
 

Thread Tools




All times are GMT. The time now is 12:42 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org