Rocksolid Light

Welcome to novaBBS (click a section below)

mail  files  register  nodelist  faq  login

A Linux machine! because a 486 is a terrible thing to waste! (By jjs@wintermute.ucr.edu, Joe Sloan)


computers / comp.security.ssh / Re: temporarily disable StrictHostChecking an allow passwordauth via keyboard?

SubjectAuthor
* Re: temporarily disable StrictHostChecking an allow passwordauth via keybNiYa193
`- Re: temporarily disable StrictHostChecking an allow passwordauthWilliam Unruh

1
Subject: Re: temporarily disable StrictHostChecking an allow passwordauth via keyboard?
From: NiYa193
Newsgroups: comp.security.ssh
Date: Fri, 10 Jul 2020 12:11 UTC
References: 1 2
X-Received: by 2002:ac8:6d17:: with SMTP id o23mr73196978qtt.127.1594383102942;
Fri, 10 Jul 2020 05:11:42 -0700 (PDT)
X-Received: by 2002:ac8:38dc:: with SMTP id g28mr52433119qtc.26.1594383102690;
Fri, 10 Jul 2020 05:11:42 -0700 (PDT)
Path: i2pn2.org!i2pn.org!weretis.net!feeder7.news.weretis.net!proxad.net!feeder1-2.proxad.net!209.85.160.216.MISMATCH!news-out.google.com!nntp.google.com!postnews.google.com!google-groups.googlegroups.com!not-for-mail
Newsgroups: comp.security.ssh
Date: Fri, 10 Jul 2020 05:11:42 -0700 (PDT)
In-Reply-To: <OyxVl.17580$pr6.3608@flpi149.ffdc.sbc.com>
Complaints-To: groups-abuse@google.com
Injection-Info: google-groups.googlegroups.com; posting-host=103.69.140.100; posting-account=p51PfAoAAADb1QFAKYvTA0umYqyR4FcU
NNTP-Posting-Host: 103.69.140.100
References: <7ee57$4a262f1f$557ff839$28965@news.inode.at> <OyxVl.17580$pr6.3608@flpi149.ffdc.sbc.com>
User-Agent: G2/1.0
MIME-Version: 1.0
Message-ID: <ddac47c8-537b-49f4-91a8-4a4b252fa34ao@googlegroups.com>
Subject: Re: temporarily disable StrictHostChecking an allow passwordauth via keyboard?
From: 1556579...@qq.com (NiYa193)
Injection-Date: Fri, 10 Jul 2020 12:11:42 +0000
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
View all headers
在 2009年6月4日星期四 UTC+8上午12:30:38,Darren Dunham写道:
peter pilsl <pilsl@goldfisch.at> wrote:
I tried:

ssh -o "StrictHostKeyChecking no" -o "PasswordAuthentication yes"
root@vmhost.local

but it doesnt work:

Offending key in /home/peter/.ssh/known_hosts:10
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid
man-in-the-middle attacks.
Permission denied (publickey,password).

Right.  Because "StrictHostKeyChecking" only affects whether keys are
added to the known_hosts file.  It doesn't affect existing keys. 

And my standard-rescue-disk has ssh enabled but no public key installed..

any idea?

Change the known_hosts file temporarily so there is no existing key.

ssh -o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null" -o
  "PasswordAuthentication yes"

Or put all that into a config file and use that alternate config file:

ssh -F insecure_config <temphost>

If you use a global known_hosts file rather than just the per-user one,
you'll need to override it as well.

--
Darren

Thanks.
This command helps me.
ssh -o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null" -o "PasswordAuthentication yes"


Subject: Re: temporarily disable StrictHostChecking an allow passwordauth via keyboard?
From: William Unruh
Newsgroups: comp.security.ssh
Organization: A noiseless patient Spider
Date: Fri, 10 Jul 2020 15:45 UTC
References: 1 2 3
Path: i2pn2.org!i2pn.org!eternal-september.org!feeder.eternal-september.org!reader01.eternal-september.org!.POSTED!not-for-mail
From: unr...@invalid.ca (William Unruh)
Newsgroups: comp.security.ssh
Subject: Re: temporarily disable StrictHostChecking an allow passwordauth
via keyboard?
Date: Fri, 10 Jul 2020 15:45:49 -0000 (UTC)
Organization: A noiseless patient Spider
Lines: 48
Message-ID: <rea2fd$oet$1@dont-email.me>
References: <7ee57$4a262f1f$557ff839$28965@news.inode.at>
<OyxVl.17580$pr6.3608@flpi149.ffdc.sbc.com>
<ddac47c8-537b-49f4-91a8-4a4b252fa34ao@googlegroups.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit
Injection-Date: Fri, 10 Jul 2020 15:45:49 -0000 (UTC)
Injection-Info: reader02.eternal-september.org; posting-host="c295ba91b31f029311f44f0c45231114";
logging-data="25053"; mail-complaints-to="abuse@eternal-september.org"; posting-account="U2FsdGVkX1+5YIAxDp/0fgn7eWtqQX0a"
User-Agent: slrn/1.0.3 (Linux)
Cancel-Lock: sha1:K05p2g+Hao3AXUo/WoD9ItQj/hg=
View all headers
On 2020-07-10, NiYa193 <1556579665@qq.com> wrote:
在 2009年6月4日星期四 UTC+8上午12:30:38,Darren Dunham写道:
peter pilsl <pilsl@goldfisch.at> wrote:
I tried:

ssh -o "StrictHostKeyChecking no" -o "PasswordAuthentication yes"
root@vmhost.local

but it doesnt work:

Offending key in /home/peter/.ssh/known_hosts:10
Password authentication is disabled to avoid man-in-the-middle attacks.
Keyboard-interactive authentication is disabled to avoid
man-in-the-middle attacks.
Permission denied (publickey,password).

Right.  Because "StrictHostKeyChecking" only affects whether keys are
added to the known_hosts file.  It doesn't affect existing keys. 

And my standard-rescue-disk has ssh enabled but no public key installed.

any idea?

Change the known_hosts file temporarily so there is no existing key.

ssh -o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null" -o
  "PasswordAuthentication yes"

Or put all that into a config file and use that alternate config file:

ssh -F insecure_config <temphost>

If you use a global known_hosts file rather than just the per-user one,
you'll need to override it as well.

Or you can erase line 10 of the knownhosts file. It is probable that the
destination changed their ssh credentials and ths the problem If you
know they have not, then this is probably a man-in-the-middle attack and
you just gave away your password to an attacker.



--
Darren

Thanks.
This command helps me.
ssh -o "StrictHostKeyChecking no" -o "UserKnownHostsFile /dev/null" -o "PasswordAuthentication yes"


1
rocksolid light 0.7.2
clearneti2ptor