I have a ssh tunnel setup between work and home, port 8022 on my home system is forwarded to port 22 on my work system, so I can ssh into work on port 8022.
After some recent update, I can no longer ssh into work from home when I am running as my normal user at home. I get permission denied.
When I su -l to root at home and try to ssh into work, it works fine.
What the heck is up with that? Who changed what that could have that effect?
I get the same password prompt. I type the same password. I'm lost here.
(fully updated fedora 19 64bit at home and at work).
On 22 November 2013 07:28, Tom Horsley horsley1953@gmail.com wrote:
I have a ssh tunnel setup between work and home, port 8022 on my home system is forwarded to port 22 on my work system, so I can ssh into work on port 8022.
After some recent update, I can no longer ssh into work from home when I am running as my normal user at home. I get permission denied.
Hi: What about ssh -vvvv your_host To get and idea what could be happening.
Kind regards
On Fri, 22 Nov 2013 08:56:32 -0500 Carlos "casep" Sepulveda wrote:
What about ssh -vvvv your_host To get and idea what could be happening.
Yea, I did that and everything was the same as root right up to the point where it refused to take the password.
But to make things even more mysterious, it started working when I tried again later (I don't think I could have typed the password wrong 3 times in a row right after having no problem typing it correctly when running as root, but you never know).
On 22Nov2013 09:04, Tom Horsley horsley1953@gmail.com wrote:
On Fri, 22 Nov 2013 08:56:32 -0500 Carlos "casep" Sepulveda wrote:
What about ssh -vvvv your_host To get and idea what could be happening.
Yea, I did that and everything was the same as root right up to the point where it refused to take the password.
But to make things even more mysterious, it started working when I tried again later (I don't think I could have typed the password wrong 3 times in a row right after having no problem typing it correctly when running as root, but you never know).
It is often more instructive to look at /var/log/secure on the server. The client (you) gets told to go away. The server (work) records _why_.
Cheers,
On 11/23/2013 10:47 AM, Cameron Simpson wrote:
On 22Nov2013 09:04, Tom Horsley horsley1953@gmail.com wrote:
On Fri, 22 Nov 2013 08:56:32 -0500 Carlos "casep" Sepulveda wrote:
What about ssh -vvvv your_host To get and idea what could be happening.
Yea, I did that and everything was the same as root right up to the point where it refused to take the password.
But to make things even more mysterious, it started working when I tried again later (I don't think I could have typed the password wrong 3 times in a row right after having no problem typing it correctly when running as root, but you never know).
It is often more instructive to look at /var/log/secure on the server. The client (you) gets told to go away. The server (work) records _why_.
Cheers,
If I'm unsure I sometimes just type the ssh password in a new terminal or gedit page then copy and paste to the ssh terminal and hit <enter> almost straight away. Making sure not to copy spaces before or after the password. Have found that freehand typing password in ssh fails occasionally. Roger
Roger wrote:
If I'm unsure I sometimes just type the ssh password in a new terminal or gedit page then copy and paste to the ssh terminal and hit <enter> almost straight away. Making sure not to copy spaces before or after the password. Have found that freehand typing password in ssh fails occasionally. Roger
Write it on the screen a printing mode where anyone can see it? Really? What could possibly go wrong?
May I suggest using key access only, and password the key locally? Then the password never goes over the network and you have a nice commented line in authorized_hosts in case you change or invalidate the key, not using a key for more than one computer? Can I suggest that, please?
On 11/22/2013 04:34 PM, Bill Davidsen wrote:
Roger wrote:
If I'm unsure I sometimes just type the ssh password in a new terminal or gedit page then copy and paste to the ssh terminal and hit <enter> almost straight away. Making sure not to copy spaces before or after the password. Have found that freehand typing password in ssh fails occasionally. Roger
Write it on the screen a printing mode where anyone can see it? Really? What could possibly go wrong?
That all depends on where you are. If you're working at home, and can be sure that either nobody's looking over your shoulder or that anybody who is isn't interested in stealing your password, that's safe; if you're doing it at work, in an internet cafe or a hotel lobby, you're probably more of a trusting soul than I am.
On Fri, 22 Nov 2013 07:28:53 -0500 Tom Horsley horsley1953@gmail.com wrote:
I have a ssh tunnel setup between work and home, port 8022 on my home system is forwarded to port 22 on my work system, so I can ssh into work on port 8022.
After some recent update, I can no longer ssh into work from home when I am running as my normal user at home. I get permission denied.
When I su -l to root at home and try to ssh into work, it works fine.
What the heck is up with that? Who changed what that could have that effect?
I get the same password prompt. I type the same password. I'm lost here.
(fully updated fedora 19 64bit at home and at work).
I also have fully updated F19 32- and 64-bit systems with a different port. Nothing has happened to my ssh.
Try using ssh -vvv and see if you can find something.
Are you sure that there is not some other issue (eg. SELinux). Are you sure that the firewall is set up. Here are some notes from my installation (needed after F18):
#changing port number of incoming ssh: # # # # sudo semanage port -p tcp -a -t ssh_port_t ****** # # where ****** is the port number desired # # get into system-config firewall and open the port ****** for tcp # # add the port number ****** in /etc/ssh/sshd_config replacing Port 22 (default) # #
# doing the same using the new-fangled firewalld (not sure if the above has to be done, but the latter has to):
# Start firewall-config. # # At the top, notice there is a drop down menu. Pull down and select "Persistent Configuration". # # Select the Services Tab and then Edit Services. # # Find the ssh entry and click +Add # # Add the port you want # # Click on the green "reload" icon. # # You're done
I doubt this is the issue because you say that things worked for you until recently but I still thought that I would mention this.
HTH, Ranjan
____________________________________________________________ FREE ONLINE PHOTOSHARING - Share your photos online with your friends and family! Visit http://www.inbox.com/photosharing to find out more!
Allegedly, on or about 22 November 2013, Tom Horsley sent:
What the heck is up with that? Who changed what that could have that effect?
Issues with your ISP? Changes with your work network...
-
Bill Davidsen -
Cameron Simpson -
Carlos "casep" Sepulveda -
Joe Zeff -
Ranjan Maitra -
Roger -
Tim -
Tom Horsley