[winswitch] SSH login failure with winswitch
shanew at shanew.net
Wed Aug 20 15:11:21 BST 2014
On Wed, 20 Aug 2014, Antoine Martin wrote:
> On 20/08/14 19:39, Shane Williams wrote:
>> I've been trying for a while to use winswitch between several
>> systems. First, trying to connect from OSX to a Linux workstation,
>> but then from one Linux workstation to another (I'm running gentoo on
>> both Linux boxes).
>> In each case, what I've found is that it looks like SSH isn't able to
>> connect with the password, despite the fact that I can connect between
>> systems using ssh at the command line (these are systems I connect to
>> regularly, so I feel very confident I'm not mistyping the password).
>> In particular, what I'm seeing in the logs are entries like:
>> Aug 20 07:27:54 xxxxxx sshd: SSH: Server;Ltype: Version;Remote:
>> 192.168.1.9-56825;Protocol: 2.0;Client: Twisted
>> Aug 20 07:27:54 xxxxxx sshd: SSH: Server;Ltype: Kex;Remote:
>> 192.168.1.9-56825;Enc: aes256-ctr;MAC: hmac-sha1;Comp: none [preauth]
>> Aug 20 07:27:54 xxxxxx sshd: SSH: Server;Ltype: Authname;Remote:
>> 192.168.1.9-56825;Name: shanew [preauth]
>> Aug 20 07:27:54 xxxxxx sshd: Postponed keyboard-interactive for
>> shanew from 192.168.1.9 port 56825 ssh2 [preauth]
>> Aug 20 07:27:54 xxxxxx last message repeated 2 times
>> Aug 20 07:27:54 xxxxxx sshd: Failed keyboard-interactive/pam for
>> shanew from 192.168.1.9 port 56825 ssh2
>> Aug 20 07:27:54 xxxxxx sshd: Disconnecting: Too many
>> authentication failures for shanew [preauth]
>> I haven't tried using keys yet, but I get the impression that keys
>> shouldn't be necessary to connect.
> Correct. Keys are nice, but should not be needed.
>> Any suggestions?
> Yes... (I assume that you've checked your username, etc):
> * on Linux, especially with distros like gentoo, you may need to add an
> "askpass" utility to your environment to ensure that you get prompted
> for a password
> * could be an incompatibility with the Twisted library you have
> installed (on Linux only, we ship our own one with OSX builds)
> * OSX, I will try to test again, what version are you using?
> (unfortunately, I don't have every version available for testing..)
I emerged x11-ssh-askpass, and when I try to connect to the remote
server, it doesn't pop anything up. I tried removing my password from
the connection configuration screen thinking that might prompt the
askpass, and noticed something interesting. When I have an empty or
incorrect password entered in the configuration, I get errors like
this on the remote side (in auth.log):
Aug 20 09:00:11 xxxxxx sshd: Bad protocol version identification
'set_salt 'cfcb532196ab4b7c8f51c3c9dd907adf'' from 192.168.1.9 port
Aug 20 09:00:12 xxxxxx sshd: Bad protocol version identification
'set_salt '4994cf6a6b4b44ba82e33ec39110c99e'' from 192.168.1.9 port 60289
In fact, now even if I set the password back to the correct one, I
still see errors like that in the remote auth.log. I don't know if
that represents progress or a step backwards?
If there's a specific version of twisted (core or conch) that I should
be using, let me know. I have at least a few options to choose from
I don't have the OSX machine in front of me, but I'll let you know
what version it's on once I've had a look.
Public key #7BBC68D9 at | Shane Williams
http://pgp.mit.edu/ | System Admin - UT iSchool
All syllogisms contain three lines | shanew at shanew.net
Therefore this is not a syllogism | www.ischool.utexas.edu/~shanew
More information about the shifter-users