Bug#916843: SSH-Login problems
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This was confirmed as a configuration issue:
> andrew@a68n:~$ ssh user@detst
> ssh: connect to host detst port 22: Connection refused
> andrew@a68n:~$ ssh root@detst
> ssh: connect to host detst port 22: Connection refused
> andrew@a68n:~$ ssh user@detst
> Linux detst 4.19.0-1-amd64 #1 SMP Debian 4.19.12-1 (2018-12-22) x86_64
>
> The programs included with the Debian GNU/Linux system are free software;
> the exact distribution terms for each program are described in the
> individual files in /usr/share/doc/*/copyright.
>
> Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
> permitted by applicable law.
> Last login: Fri Dec 21 11:16:42 2018 from 192.168.0.58
> user@detst:~$ cat /etc/ssh/sshd_config
> # $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $
>
> # This is the sshd server system-wide configuration file. See
> # sshd_config(5) for more information.
>
> # This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin
>
> # The strategy used for options in the default sshd_config shipped with
> # OpenSSH is to specify options with their default value where
> # possible, but leave them commented. Uncommented options override the
> # default value.
>
> #Port 22
> #AddressFamily any
> #ListenAddress 0.0.0.0
> #ListenAddress ::
>
> #HostKey /etc/ssh/ssh_host_rsa_key
> #HostKey /etc/ssh/ssh_host_ecdsa_key
> #HostKey /etc/ssh/ssh_host_ed25519_key
>
> # Ciphers and keying
> #RekeyLimit default none
>
> # Logging
> #SyslogFacility
> AUTH #LogLevel
> INFO
> #
> Authentication:
> #LoginGraceTime
> 2m PermitRootLogin
> without-password #StrictModes
> yes #MaxAuthTries
> 6 #MaxSessions
> 10
> #PubkeyAuthentication yes
>
> # Expect .ssh/authorized_keys2 to be disregarded by default in future.
> #AuthorizedKeysFile .ssh/authorized_keys .ssh/authorized_keys2
>
> #AuthorizedPrincipalsFile none
>
> #AuthorizedKeysCommand none
> #AuthorizedKeysCommandUser nobody
>
> # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
> #HostbasedAuthentication no
> # Change to yes if you don't trust ~/.ssh/known_hosts for
> # HostbasedAuthentication
> #IgnoreUserKnownHosts no
> # Don't read the user's ~/.rhosts and ~/.shosts files
> #IgnoreRhosts yes
>
> # To disable tunneled clear text passwords, change to no here!
> #PasswordAuthentication yes
> #PermitEmptyPasswords no
>
> # Change to yes to enable challenge-response passwords (beware issues with
> # some PAM modules and threads)
> ChallengeResponseAuthentication no
>
> # Kerberos options
> #KerberosAuthentication no
> #KerberosOrLocalPasswd yes
> #KerberosTicketCleanup yes
> #KerberosGetAFSToken no
>
> # GSSAPI options
> #GSSAPIAuthentication no
> #GSSAPICleanupCredentials yes
> #GSSAPIStrictAcceptorCheck yes
> #GSSAPIKeyExchange no
>
> # Set this to 'yes' to enable PAM authentication, account processing,
> # and session processing. If this is enabled, PAM authentication will
> # be allowed through the ChallengeResponseAuthentication and
> # PasswordAuthentication. Depending on your PAM configuration,
> # PAM authentication via ChallengeResponseAuthentication may bypass
> # the setting of "PermitRootLogin without-password".
> # If you just want the PAM account and session checks to run without
> # PAM authentication, then enable this but set PasswordAuthentication
> # and ChallengeResponseAuthentication to 'no'.
> UsePAM yes
>
> #AllowAgentForwarding yes
> #AllowTcpForwarding yes
> #GatewayPorts no
> X11Forwarding yes
> #X11DisplayOffset 10
> #X11UseLocalhost yes
> #PermitTTY yes
> PrintMotd no
> #PrintLastLog yes
> #TCPKeepAlive yes
> #PermitUserEnvironment no
> #Compression delayed
> #ClientAliveInterval 0
> #ClientAliveCountMax 3
> #UseDNS no
> #PidFile /var/run/sshd.pid
> #MaxStartups 10:30:100
> #PermitTunnel no
> #ChrootDirectory none
> #VersionAddendum none
>
> # no default banner path
> #Banner none
>
> # Allow client to pass locale environment variables
> AcceptEnv LANG LC_*
>
> # override default of no subsystems
> #Subsystem sftp /usr/lib/openssh/sftp-server
>
> # Example of overriding settings on a per-user basis
> #Match User anoncvs
> # X11Forwarding no
> # AllowTcpForwarding no
> # PermitTTY no
> # ForceCommand cvs server
> user@detst:~$
Particularly this:
> > # override default of no subsystems
> > #Subsystem sftp /usr/lib/openssh/sftp-server
-----BEGIN PGP SIGNATURE-----
iF0EARECAB0WIQTF9uNaslvnJpWt8kXn6sEfJS3nCwUCXD8YAwAKCRDn6sEfJS3n
C8TAAJ0Zj0e3mpjwWXx1dnCJ7JF30brU+QCfTKc4M7U+AJhy2FGm0Ychn5QIojI=
=B0h8
-----END PGP SIGNATURE-----
Reply to: