- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - Linux
- >
- putty to client CentOS 4 server auth error after u...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2008 04:53 AM
тАО10-07-2008 04:53 AM
putty to client CentOS 4 server auth error after username
However if I run putty from a PC on the clients lan it works fine.
any thoughts? same putty edition same settings - it used to work a few mnths back
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2008 05:49 PM
тАО10-07-2008 05:49 PM
Re: putty to client CentOS 4 server auth error after username
It sounds like a network setting change (e.g. firewall). If it worked before, and you haven't changed anything on the putty computer, they may have either changed the 'main' firewall or altered the iptables on the CentOS machine to only accept SSH/Telnet from local connections.
I'd try to sniff some packets (e.g. WireShark) to see what the actual packets are doing just before the error message.
-Gfuss
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2008 07:00 PM
тАО10-07-2008 07:00 PM
Re: putty to client CentOS 4 server auth error after username
is a free implementation of Telnet and SSH
for Win32 and Unix platforms, [...]". Are
you using it as a Telnet client or as an SSH
client? The "No supported authentication
methods" message sounds like SSH.
> [...] if I run putty from a PC on the
> clients lan [...]
On what do you run it when you're "from
remote"?
> [...] same putty edition same settings
> [...]
What's the same as what, where?
Does using putty's "-v" option tell you
anything interesting?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-07-2008 08:24 PM
тАО10-07-2008 08:24 PM
Re: putty to client CentOS 4 server auth error after username
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2008 03:03 AM
тАО10-08-2008 03:03 AM
Re: putty to client CentOS 4 server auth error after username
Yes I am using Putty to ssh not telent
I can connect on the lan using a XP pro workstation using the same version of putty (have tried version 0.58 & 0.60)
I try from remote again using XP Pro workstation and Putty 0.58 & 0.60
I even tried this morning to remove openssh-server and reinstall using yum to do both.
One I checked the IPTAbles and listed below.
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT
-A RH-Firewall-1-INPUT -p 50 -j ACCEPT
-A RH-Firewall-1-INPUT -p 51 -j ACCEPT
-A RH-Firewall-1-INPUT -p udp --dport 5353 -d xxx.0.0.xxx -j ACCEPT
-A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
I will make a note that I cannot ssh from the server to an external location.. i type,,
ssh address
i get a blank line and nothing.. till I quit ssh.
Hope this might enlighten some.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2008 03:54 AM
тАО10-08-2008 03:54 AM
Re: putty to client CentOS 4 server auth error after username
Being green to iptables, it doesn't appear to be blocking SSH
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j
Append the rule (-A - as order doesn't matter), the rule is for NEW connections via tcp with a destination of 22 (ssh). It ends with -j, however, and I'm wondering if it should be -j ACCEPT to jump to ACCEPT.
While this doesn't help much, I still think it is a firewall issue especially since you are unable to connect from the server to another location via SSH.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2008 03:55 AM
тАО10-08-2008 03:55 AM
Re: putty to client CentOS 4 server auth error after username
I just realized the SSH line does end with -j ACCEPT, however, I didn't have it in my clipboard. Disregard my posting above about adding ACCEPT.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2008 09:40 PM
тАО10-08-2008 09:40 PM
Re: putty to client CentOS 4 server auth error after username
Maybe the password authentication (for root at least) has been disabled for users coming from any place other than the client's LAN?
If the server is accessible over the Internet, there are various worms and other malware attempting to guess weak root passwords.
The current recommended practice for SSH is to *not* allow direct root logins over the Internet, and consider using SSH public key authentication whenever possible.
If your client has a requirement to keep a log of people using root-level access, direct root login is a *bad* thing: it does not create a record of *who* used the root-level access, just that someone did. This is an instant security audit failure in most security-sensitive environments.
MK
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-08-2008 11:20 PM
тАО10-08-2008 11:20 PM
Re: putty to client CentOS 4 server auth error after username
I thought that if a user in passwd had /bin/bash on the end of their record they had access to ssh?
Or am I missing something?
or is there a better way of doing this?
All howto's seem to relate to internal only examples..
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-09-2008 07:33 PM
тАО10-09-2008 07:33 PM
Re: putty to client CentOS 4 server auth error after username
Examine the configuration file /etc/ssh/sshd_config on the server. Refer to "man sshd_config" for details.
If the "PermitRootLogin" option is set to any value other than "yes", you are not going to get in using password authentication with the username "root". (There are four possible settings, not just "yes" or "no".)
If the sshd_config file contains any AllowUsers/DenyUsers/AllowGroups/DenyGroups keywords, only the allowed users can log in using SSH.
If the "PasswordAuthentication" is set to "no", SSH will require the use of stronger authentication methods from all users. The error message suggests this might be the cause.
If, as you say, you could login to the server as root while not on the client's LAN a few months ago, the server's security was in a very poor state back then. Maybe someone has since then clued up and made the server more secure.
MK