HPE Community
Operating System - HP-UX
1752664 Members
5898 Online
108788 Solutions
New Discussion

How to avoid taking "none" as initial authentication method for ssh?

 
abhishekjain_48
Advisor

‎05-27-2014 06:32 AM - last edited on ‎05-27-2014 08:36 PM by

‎05-27-2014 06:32 AM - last edited on ‎05-27-2014 08:36 PM by

How to avoid taking "none" as initial authentication method for ssh?

Hi,

 I have a stitution in which I am initiating an sftp session from my HPUX machine to a windows server 2008, in which I have an ssh server installed(vandyke vShell). So everything is working fine and I am able to establish the connection and do the transfer.

 The issue comes when I check the logs in my windows server. There I have some entries like:

 VShellSSH2 auth 32 - -User - - 0 0 0 0 - - "00032: Client specified user name User, resolved as User"

 VShellSSH2 auth 32 User - - 0 0 0 0 - - "00032: none for user User rejected because it is unavailable"

 VShellSSH2 auth 32 User - - 0 0 0 0 - - "00032: password for user User accepted"

 VShellSSH2 conn 32 User - - 0 0 0 0 - - "00032: Session channel open request accepted"

 

 I am having issue wiht this particular line "none for user User rejected because it is unavailable". What I want to do is to avoid this message from coming into logs. So after some research of my own I came to know that this was coming because ssh is using the initial athentication method as "none" and my server is rejecting it. I also came to know that this is a default behaviour of ssh and it uses the "none" auth method to know which all auhtentication methods are supported  by the server.

 So what I want to do is somehow use "password" as the initial auhtentication method instead of "none".

 I tried giving the command line parameter ssh  -o PreferredAuthentications=password  -o    PasswordAuthentication=yes, but it did not solved the issue. I was still getting the message in logs.

 I have considered not logging the authentication event in the vShell logs as a last resort, but I would not like to come to that.

Is there any way that I can avoid taking "none" as the initial auhthentication method?

Thanks

 

 

P.S. This thread has been moved from HP-UX > General to HP-UX > security. - Hp Forum Moderaor

0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.