Kein Login mit ssh

[Blaubart]

Hallo,

ich habe ein Cubieboard, auf dem ein vorgefertigtes Images installiert ist. Höchstwahrscheinlich ein Debian-Ableger. Da ich mit Linux nicht so fit bin, kann ich das nicht mit Sicherheit sagen, aber falls jemand einen Befehl kennt, mit dem ich das abfragen kann, liefere ich das nach.

Nun zu dem Problem.
Ich kann mich mit ssh von meinem Computer aus nicht einloggen.
Hier mal ein paar Infos dazu:

Code: Alles auswählen

PC:~ root$ ssh root@192.168.178.12 -v
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug1: Connecting to 192.168.178.12 [192.168.178.12] port 22.
debug1: Connection established.
debug1: identity file /Users/root/.ssh/id_rsa type -1
debug1: identity file /Users/root/.ssh/id_rsa-cert type -1
debug1: identity file /Users/root/.ssh/id_dsa type -1
debug1: identity file /Users/root/.ssh/id_dsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ecdsa type -1
debug1: identity file /Users/root/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ed25519 type -1
debug1: identity file /Users/root/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/root/.ssh/id_xmss type -1
debug1: identity file /Users/root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
debug1: match: OpenSSH_6.6 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000002
debug1: Authenticating to 192.168.178.12:22 as 'root'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Y95XEK6QWhIQEwULe53AfDrPZ8AwIsh+brYQD4G+EFU
debug1: Host '192.168.178.12' is known and matches the ECDSA host key.
debug1: Found key in /Users/root/.ssh/known_hosts:8
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey after 134217728 blocks
debug1: Will attempt key: /Users/root/.ssh/id_rsa 
debug1: Will attempt key: /Users/root/.ssh/id_dsa 
debug1: Will attempt key: /Users/root/.ssh/id_ecdsa 
debug1: Will attempt key: /Users/root/.ssh/id_ed25519 
debug1: Will attempt key: /Users/root/.ssh/id_xmss 
Connection closed by 192.168.178.12 port 22

Folgende Befehle hab ich direkt am Cubieboard abgesetzt:

Code: Alles auswählen

- uname -a
  Linux openvario-7-PQ070 3.4.90 #1 SMP PREEMPT Tue Mar 15 20:46:04 CET 2016 armv7l GNU/Linux

- cat /etc/os-release
  VERSION_ID="17119"
  NAME="Angstrom"
  ID="angstrom"
  PRETTY_NAME="The Ångström Distribution 17119"
  ANSI_COLOR="1;35"
  HOME_URL="http://www.angstrom-distribution.org"

- ps | grep ssh
  Keine Ausgabe

- ps
  PID TTY TIME CMD
  151 tty1  00:00:00 login
  160 tty1 00:00:00 sh
  1907 tty1 00:00:00 ps

- ps -x | grep ssh
  Warning: bad ps syntax, perhaps a bogus '-'? See http://procps.sf.net/faq.html
  1746 tty1   S+   0:00 grep ssh

Ich wäre sehr dankbar, wenn mir jemand einen Tip geben könnte, was ggf. falsch konfiguriert ist.

Bitte entschuldigt, wenn meine Angaben nicht ausreichen, ich liefere gerne nach, was fehlt!!

[towo]

In jeder anständigen Distribution ist es root verboten, sich per ssh einzuloggen.

[Blaubart]

Ich weiß, aber hier ist es zunächst mal erlaubt. Das kann ich später ändern, wenn das Login überhaupt funktioniert.
Hier mal die Einträge meiner /etc/ssh/sshd_config:

Code: Alles auswählen

Port 22
Protocol 2
PermitRootLogin yes
PermitEmptyPasswords yes
ChallengeResponseAuthetication yes
UsePAM yes
UsePrivelegeSeparation yes
Compression no
ClientAliveInterval 15
ClientAliveCountMax 4
Subsystem sftp /usr/lib/openssh/sftp-server

[TomL]

Ich weiß, aber hier ist es zunächst mal erlaubt.

Die Einträge in der Conf sind erst mal nur Einträge in einer Text-Datei... nicht mehr, nicht weniger. Zu einer Erlaubnis werden sie erst, wenn auf dem System ein Dienst läuft, der diese Conf verwendet.

Code: Alles auswählen

$ dpkg -l openssh-server
Gewünscht=Unbekannt/Installieren/R=Entfernen/P=Vollständig Löschen/Halten
||/ Name           Version            Architektur  Beschreibung
+++-==============-==================-============-=================================================================
ii  openssh-server 1:7.9p1-10+deb10u1 amd64        secure shell (SSH) server, for secure access from remote machines


$ systemctl status ssh.service
● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: active (running) since Sat 2019-12-21 12:00:50 CET; 5 days ago

[Blaubart]

OK, SSH scheint gar nicht zu laufen. Das ist merkwürdig, denn angeblich geht das bei dem von mir installierten Image. Hier mal die Ausgabe der beiden Befehle:

Code: Alles auswählen

dpkg -l openssh-server
-sh: dpkg: command not found

systemctl status ssh.service
* ssh.server.service
Loaded: not-found (Reason: No such file or directory)
Active: inactive (dead)

[mat6937]

OK, SSH scheint gar nicht zu laufen. Das ist merkwürdig, ...

Teste mal auf deinem Cubieboard mit:

Code: Alles auswählen

sudo netstat -tlpena | grep -i ssh
ps -fC sshd
which sshd

und aus dem (W)LAN mit:

Code: Alles auswählen

nc -zv <IP-Adresse-Cubieboard> 22

(oder gleichwertig).

[Blaubart]

Hier die Ausgaben:

sudo netstat -tlpena | grep -i ssh
netstat: invalid option -- 'p'
BusyBox v1.22.1 (2015-12-30 17:17:02 CET) multi-call binary.

Usage: netstat [-ral ] [-tuwx] [-en]

ps -fC sshd
UID PID PPID C STIME TTY TIME CMD

which sshd
/usr/sbin/sshd

nc -zv 192.168.178.12 22
Connection to 192.168.178.12 port 22 [tcp/ssh] succeeded!

[mat6937]

ps -fC sshd
UID PID PPID C STIME TTY TIME CMD

which sshd
/usr/sbin/sshd

nc -zv 192.168.178.12 22
Connection to 192.168.178.12 port 22 [tcp/ssh] succeeded!

D. h. netstat und ps (auf deinem OS) kennen diese Optionen nicht. Der sshd wird schon auf dem Port 22 lauschen.

Versuch mal (temporär) mit:

Code: Alles auswählen

AuthenticationMethods password
PubkeyAuthentication no
PasswordAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords no
UsePAM no
UseDNS no

in der sshd_config.

[Blaubart]

Einstellungen wie vorgeschlagen angepasst und neu gestartet:

PC:~ root$ ssh root@192.168.178.12 -vvv
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.178.12 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.178.12 [192.168.178.12] port 22.
debug1: Connection established.
debug1: identity file /Users/root/.ssh/id_rsa type -1
debug1: identity file /Users/root/.ssh/id_rsa-cert type -1
debug1: identity file /Users/root/.ssh/id_dsa type -1
debug1: identity file /Users/root/.ssh/id_dsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ecdsa type -1
debug1: identity file /Users/root/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ed25519 type -1
debug1: identity file /Users/root/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/root/.ssh/id_xmss type -1
debug1: identity file /Users/root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
debug1: match: OpenSSH_6.6 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.178.12:22 as 'root'
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug3: hostkeys_foreach: reading file "/Users/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys from 192.168.178.12
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Y95XEK6QWhIQEwULe53AfDrPZ8AwIsh+brYQD4G+EFU
debug3: hostkeys_foreach: reading file "/Users/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys from 192.168.178.12
debug1: Host '192.168.178.12' is known and matches the ECDSA host key.
debug1: Found key in /Users/root/.ssh/known_hosts:8
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug1: Will attempt key: /Users/root/.ssh/id_rsa
debug1: Will attempt key: /Users/root/.ssh/id_dsa
debug1: Will attempt key: /Users/root/.ssh/id_ecdsa
debug1: Will attempt key: /Users/root/.ssh/id_ed25519
debug1: Will attempt key: /Users/root/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
Connection closed by 192.168.178.12 port 22

[mat6937]

Einstellungen wie vorgeschlagen angepasst und neu gestartet:

PC:~ root$ ssh root@192.168.178.12 -vvv
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
...
Connection closed by 192.168.178.12 port 22

Kommentiere mal auf ssh-Client-Seite, alle Zeilen in der Datei "/etc/ssh/ssh_config" aus und versuch erneut.

[Blaubart]

Auf dem Cubieboard ist nun die /etc/ssh/ssh_config /etc/ssh/ssh_config_bak verschoben

PC:ssh root$ ssh root@192.168.178.12 -vvv
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
debug2: resolve_canonicalize: hostname 192.168.178.12 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.178.12 [192.168.178.12] port 22.
debug1: Connection established.
debug1: identity file /Users/root/.ssh/id_rsa type -1
debug1: identity file /Users/root/.ssh/id_rsa-cert type -1
debug1: identity file /Users/root/.ssh/id_dsa type -1
debug1: identity file /Users/root/.ssh/id_dsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ecdsa type -1
debug1: identity file /Users/root/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ed25519 type -1
debug1: identity file /Users/root/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/root/.ssh/id_xmss type -1
debug1: identity file /Users/root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
debug1: match: OpenSSH_6.6 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.178.12:22 as 'root'
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug3: hostkeys_foreach: reading file "/Users/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys from 192.168.178.12
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Y95XEK6QWhIQEwULe53AfDrPZ8AwIsh+brYQD4G+EFU
debug3: hostkeys_foreach: reading file "/Users/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys from 192.168.178.12
debug1: Host '192.168.178.12' is known and matches the ECDSA host key.
debug1: Found key in /Users/root/.ssh/known_hosts:8
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug1: Will attempt key: /Users/root/.ssh/id_rsa
debug1: Will attempt key: /Users/root/.ssh/id_dsa
debug1: Will attempt key: /Users/root/.ssh/id_ecdsa
debug1: Will attempt key: /Users/root/.ssh/id_ed25519
debug1: Will attempt key: /Users/root/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
Connection closed by 192.168.178.12 port 22

[mat6937]

Auf dem Cubieboard ist nun die /etc/ssh/ssh_config /etc/ssh/ssh_config_bak verschoben

PC:ssh root$ ssh root@192.168.178.12 -vvv
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 48: Applying options for *
Connection closed by 192.168.178.12 port 22

Aber ich habe doch geschrieben:

Kommentiere mal auf ssh-Client-Seite, alle Zeilen in der Datei "/etc/ssh/ssh_config" aus und versuch erneut.

, dass es nicht um den cubieboard (als server) geht, sondern um den ssh-Client auf deinem Client-Gerät.

[Blaubart]

Mist, hab ich überlesen, sorry!! Da waren nur zwei Zeilen aktiv:
Host *
SendEnv LANG LC_*

PC:ssh root$ ssh root@192.168.178.12 -vvv
OpenSSH_7.9p1, LibreSSL 2.7.3
debug1: Reading configuration data /etc/ssh/ssh_config
debug2: resolve_canonicalize: hostname 192.168.178.12 is address
debug2: ssh_connect_direct
debug1: Connecting to 192.168.178.12 [192.168.178.12] port 22.
debug1: Connection established.
debug1: identity file /Users/root/.ssh/id_rsa type -1
debug1: identity file /Users/root/.ssh/id_rsa-cert type -1
debug1: identity file /Users/root/.ssh/id_dsa type -1
debug1: identity file /Users/root/.ssh/id_dsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ecdsa type -1
debug1: identity file /Users/root/.ssh/id_ecdsa-cert type -1
debug1: identity file /Users/root/.ssh/id_ed25519 type -1
debug1: identity file /Users/root/.ssh/id_ed25519-cert type -1
debug1: identity file /Users/root/.ssh/id_xmss type -1
debug1: identity file /Users/root/.ssh/id_xmss-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.9
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6
debug1: match: OpenSSH_6.6 pat OpenSSH_6.5*,OpenSSH_6.6* compat 0x14000002
debug2: fd 3 setting O_NONBLOCK
debug1: Authenticating to 192.168.178.12:22 as 'root'
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug3: hostkeys_foreach: reading file "/Users/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys from 192.168.178.12
debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
debug3: send packet: type 20
debug1: SSH2_MSG_KEXINIT sent
debug3: receive packet: type 20
debug1: SSH2_MSG_KEXINIT received
debug2: local client KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
debug2: compression ctos: none,zlib@openssh.com,zlib
debug2: compression stoc: none,zlib@openssh.com,zlib
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug2: peer server KEXINIT proposal
debug2: KEX algorithms: curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: host key algorithms: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ssh-ed25519
debug2: ciphers ctos: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: ciphers stoc: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: MACs ctos: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: MACs stoc: hmac-md5-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-ripemd160-etm@openssh.com,hmac-sha1-96-etm@openssh.com,hmac-md5-96-etm@openssh.com,hmac-md5,hmac-sha1,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: compression ctos: none
debug2: compression stoc: none
debug2: languages ctos:
debug2: languages stoc:
debug2: first_kex_follows 0
debug2: reserved 0
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug3: send packet: type 30
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug3: receive packet: type 31
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:Y95XEK6QWhIQEwULe53AfDrPZ8AwIsh+brYQD4G+EFU
debug3: hostkeys_foreach: reading file "/Users/root/.ssh/known_hosts"
debug3: record_hostkey: found key type ECDSA in file /Users/root/.ssh/known_hosts:8
debug3: load_hostkeys: loaded 1 keys from 192.168.178.12
debug1: Host '192.168.178.12' is known and matches the ECDSA host key.
debug1: Found key in /Users/root/.ssh/known_hosts:8
debug3: send packet: type 21
debug2: set_newkeys: mode 1
debug1: rekey after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug3: receive packet: type 21
debug1: SSH2_MSG_NEWKEYS received
debug2: set_newkeys: mode 0
debug1: rekey after 134217728 blocks
debug2: compat_kex_proposal: original KEX proposal: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug2: compat_kex_proposal: compat KEX proposal: curve25519-sha256,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
debug1: Will attempt key: /Users/root/.ssh/id_rsa
debug1: Will attempt key: /Users/root/.ssh/id_dsa
debug1: Will attempt key: /Users/root/.ssh/id_ecdsa
debug1: Will attempt key: /Users/root/.ssh/id_ed25519
debug1: Will attempt key: /Users/root/.ssh/id_xmss
debug2: pubkey_prepare: done
debug3: send packet: type 5
Connection closed by 192.168.178.12 port 22

[mat6937]

Mist, hab ich überlesen, sorry!! Da waren nur zwei Zeilen aktiv:
Host *
SendEnv LANG LC_*

Gibt es evtl. noch eine 2. (userspezifische) config-Datei für den ssh-Client?
Oder ist der sshd-Server evtl. so kompiliert (gepatcht), dass eine Anmeldung mit Passwort gar nicht möglich ist?

[Blaubart]

Gibt es evtl. noch eine 2. (userspezifische) config-Datei für den ssh-Client?

Ich habe danach im Terminal gesucht, und nichts gefunden.

Oder ist der sshd-Server evtl. so kompiliert (gepatcht), dass eine Anmeldung mit Passwort gar nicht möglich ist?

Möglich ist das, aber sicher beantworten kann ich das nicht.

[Blaubart]

Ich hab jetzt mal einen anderen PC verwendet.

Mit den folgenden Einstellungen am ssh Server

Port 22
Protocol 2
PermitRootLogin yes
PermitEmptyPasswords yes
ChallengeResponseAuthetication yes
UsePAM yes
UsePrivelegeSeparation yes
Compression no
ClientAliveInterval 15
ClientAliveCountMax 4
Subsystem sftp /usr/lib/openssh/sftp-server

erhalte ich diese Ausgabe:

Code: Alles auswählen

root@PC2:/home/root# ssh root@192.168.178.12
ssh_exchange_identification: read: Connection reset by peer
root@PC2:/home/root# ssh root@192.168.178.12 -vvv
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug2: resolving "192.168.178.12" port 22
debug2: ssh_connect_direct: needpriv 0
debug1: Connecting to 192.168.178.12 [192.168.178.12] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
ssh_exchange_identification: read: Connection reset by peer

Mit den folgenden Einstellungen am ssh Server

AuthenticationMethods password
PubkeyAuthentication no
PasswordAuthentication yes
PermitRootLogin yes
PermitEmptyPasswords no
UsePAM no
UseDNS no

erhalte ich diese Ausgabe:

Code: Alles auswählen

Connection closed by 192.168.178.12 port 22

[mat6937]

Ich hab jetzt mal einen anderen PC verwendet.

Mit den folgenden Einstellungen am ssh Server

debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
ssh_exchange_identification: read: Connection reset by peer[/code]

Mit den folgenden Einstellungen am ssh Server
erhalte ich diese Ausgabe:

Code: Alles auswählen

Connection closed by 192.168.178.12 port 22

Dann versuch mal auch mit pubkey-Anmeldung, statt mit der Passwort-Anmeldung.

[Blaubart]

Du meinst so?

AuthenticationMethods publickey
PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin yes
PermitEmptyPasswords no
UsePAM no
UseDNS no

[mat6937]

Du meinst so?

AuthenticationMethods publickey
PubkeyAuthentication yes
PasswordAuthentication no
PermitRootLogin yes
PermitEmptyPasswords no
UsePAM no
UseDNS no

Ja, das wäre schon mal der 1. Schritt. Jetzt musst Du noch den pubkey erstellen und auf den Server übertragen.

[Blaubart]

Ich habe jetzt auf meinem PC einen Schlüssel im Pfad /User/root/ erstellt:

Code: Alles auswählen

ssh-keygen -t rsa -b 4096

als Name habe ich OV-key eingegeben

Den Schlüssel OV-key.pub habe ich auf dem Cubieboard in /etc/ssh kopiert.

Dann habe ich mich wie folgt versucht vom Client aus einzuloggen:

Code: Alles auswählen

ssh -i /Users/root/OV-key root@192.168.178.12
ssh_exchange_identification: read: Connection reset by peer

[mat6937]

[/code]
ssh_exchange_identification: read: Connection reset by peer
[/code]

Hm, ... dann weiß ich auch nicht weiter.
BTW: Es gab mal einen Fall, da hat das Herstellen der ssh-Verbindung nur mit einer bestimmten IPQoS-Konfiguration funktioniert. Versuch mal in der sshd_config und in der ssh_config mit der zusätzlichen Zeile:

Code: Alles auswählen

 IPQoS cs0 cs0

und auch mit der Zeile

Code: Alles auswählen

 IPQoS af23 af23

(statt der mit "cs0").

Wenn es damit auch nicht funktioniert und Du weitere IPQoS probieren willst, dann siehe:

IPQoS Specifies the IPv4 type-of-service or DSCP class for connections. Accepted values are “af11”, “af12”,
“af13”, “af21”, “af22”, “af23”, “af31”, “af32”, “af33”, “af41”, “af42”, “af43”, “cs0”, “cs1”, “cs2”,
“cs3”, “cs4”, “cs5”, “cs6”, “cs7”, “ef”, “lowdelay”, “throughput”, “reliability”, or a numeric value.
This option may take one or two arguments, separated by whitespace. If one argument is specified, it is
used as the packet class unconditionally. If two values are specified, the first is automatically
selected for interactive sessions and the second for non-interactive sessions. The default is “lowdelay”
for interactive sessions and “throughput” for non-interactive sessions.

[Blaubart]

Ich bin nun ein Stück weiter. Unter Windows kann ich mich mit dem Programm Bitvise SSH Client einloggen, wenn ich bei Authentication unter Initial method keyboard-interactive und unter Submethods bsdauth,pam,totp,pw,pwchange einstelle. Ich arbeite normalerweise mit einem Terminal bzw. unter Mac mit dem Programm Transmit. Dort habe ich eine vergleichbare Einstellung nicht gefunden. Wie kann man denn in der Konsole den Befehl so anpassen, dass keyboard-interactive genutzt wird?

[mat6937]

Wie kann man denn in der Konsole den Befehl so anpassen, dass keyboard-interactive genutzt wird?

Versuch mal mit:

Code: Alles auswählen

ssh -oKbdInteractiveAuthentication=yes -oKbdInteractiveDevices=bsdauth,pam,totp,pw,pwchange ...

oder in der /etc/ssh/ssh_config, mit:

Code: Alles auswählen

KbdInteractiveAuthentication yes
KbdInteractiveDevices bsdauth,pam,totp,pw,pwchange

[Blaubart]

beides klappt nicht:
Connection closed by 192.168.178.34 port 22

[noobadix]

Mal ganz unbedarft gefragt:
Läuft da auf dem Cupieboard vielleicht 'ne firewall? Was sagt "iptables -L"?