ssh klice zadane rucne a do ssh-agenta

oldfrog.linux na volny.cz oldfrog.linux na volny.cz
Pátek Duben 23 13:31:09 CEST 2004


Dobry den,

mam potize s pripojenim z linuxu k linuxu pomoci ssh.
Pokud zadam rucne cestu k soukromemu rsa klici

# ssh -i cesta/klic server

probehne pripojeni v poradku. Pokud nastartuji
agenta, pridam jen ten jeden soukromy rsa klic,
je take vse v poradku, prihlasim se dle ocekavani
pomoci

# ssh-add cesta/klic
# ssh server

Pokud vsak pridam vetsi pocet klicu, dojde u nektereho
ze stroju k chybe

    Received disconnect from 192.168.24.1: 2: \
      Too many authentication failures for root

V logu toho stroje pak najdu

    Apr 23 13:17:16 tyls auth.info sshd[210]: \
       Failed publickey for root from 192.168.0.1 port 33813 ssh2
    Apr 23 13:17:16 tyls auth.info sshd[210]: \
       Failed publickey for root from 192.168.0.1 port 33813 ssh2
    Apr 23 13:17:16 tyls auth.info sshd[210]: \
       Failed publickey for root from 192.168.0.1 port 33813 ssh2
    Apr 23 13:17:16 tyls auth.info sshd[210]: \
       Failed publickey for root from 192.168.0.1 port 33813 ssh2
    Apr 23 13:17:16 tyls auth.info sshd[210]: \
       Failed publickey for root from 192.168.0.1 port 33813 ssh2
    Apr 23 13:17:16 tyls auth.info sshd[210]: \
    Disconnecting: Too many authentication failures for root

Pri rucnim zadani ssh klice a uspesnem prihlaseni je v logu proste jen

    Apr 23 13:19:23 tyls auth.info sshd[211]: \
       Accepted publickey for root from 192.168.0.1 port 34066 ssh2

Zda se, ze zalezi na poradi zadavani ssh klicu do agenta.
Napada nekoho mozna pricina? Opravdu nemohu na nic kloudneho
prijit.

Za napady dekuji,
OldFrog.


VERZE ssh na vsechn strojich (a konfigurace prakticky totozna):
  OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7b 10 Apr 2003
  sshd version OpenSSH_3.7.1p2


-- 
------------------------------
Ondrej Nemecek alias 'OldFrog'

tel (domu):     241766035
tel (prace):    222090701
icq:            250163477
------------------------------



Další informace o konferenci Linux