Security
cancel
Showing results for 
Search instead for 
Did you mean: 

How to avoid taking "none" as initial authentication method for ssh?

Highlighted

How to avoid taking "none" as initial authentication method for ssh?

Hi,

 I have a stitution in which I am initiating an sftp session from my HPUX machine to a windows server 2008, in which I have an ssh server installed(vandyke vShell). So everything is working fine and I am able to establish the connection and do the transfer.

 The issue comes when I check the logs in my windows server. There I have some entries like:

 VShellSSH2 auth 32 - -User - - 0 0 0 0 - - "00032: Client specified user name User, resolved as User"

 VShellSSH2 auth 32 User - - 0 0 0 0 - - "00032: none for user User rejected because it is unavailable"

 VShellSSH2 auth 32 User - - 0 0 0 0 - - "00032: password for user User accepted"

 VShellSSH2 conn 32 User - - 0 0 0 0 - - "00032: Session channel open request accepted"

 

 I am having issue wiht this particular line "none for user User rejected because it is unavailable". What I want to do is to avoid this message from coming into logs. So after some research of my own I came to know that this was coming because ssh is using the initial athentication method as "none" and my server is rejecting it. I also came to know that this is a default behaviour of ssh and it uses the "none" auth method to know which all auhtentication methods are supported  by the server.

 So what I want to do is somehow use "password" as the initial auhtentication method instead of "none".

 I tried giving the command line parameter ssh  -o PreferredAuthentications=password  -o    PasswordAuthentication=yes, but it did not solved the issue. I was still getting the message in logs.

 I have considered not logging the authentication event in the vShell logs as a last resort, but I would not like to come to that.

Is there any way that I can avoid taking "none" as the initial auhthentication method?

Thanks

 

 

P.S. This thread has been moved from HP-UX > General to HP-UX > security. - Hp Forum Moderaor