Contenu | Rechercher | Menus

Annonce

Si vous rencontrez des soucis à rester connecté sur le forum (ou si vous avez perdu votre mot de passe) déconnectez-vous et reconnectez-vous depuis cette page, en cochant la case "Me connecter automatiquement lors de mes prochaines visites". Attention, le forum rencontre actuellement quelques difficultés. En cas d'erreur 502, il ne faut pas re-valider l'envoi d'un message ou l'ouverture d'une discussion, au risque de créer un doublon.

La section divers se réorganise ! De nouvelles sous-sections à venir. (plus d'infos + donner son avis)

#1 Le 26/02/2013, à 18:18

kr2sis

authentification failed : Remaining athentification methods :

bonjour
apres une petite config du fichier "sshd_config"
voici sur quoi je tombe (souci : j'ai essyé de commenter et décommenter certaines variables sans résultat)
j'ai deux utilisateurs dans le groupe "sftpusers" qui ne peuvent se connecter

...
18:02:19.142 Starting first key exchange.
18:02:19.209 Server version string: SSH-2.0-OpenSSH_5.5p1 Debian-6+squeeze3
18:02:19.648 New host key received. Algorithm: ssh-rsa, Size: 2048 bits, MD5 Fingerprint: ae:35:dc:8c:65:d4:14:4d:5d:d6:64:1d:2a:9d:32:b8, Bubble-Babble: xorif-helim-sonat-gyhyg-tolat-kanic-tupyn-tosyr-manyd-pyzig-tibiv-pogul-riraz-tenyc-pyloc-gykan-farys-suvyb-vyxex.
18:02:19.652 First key exchange completed.
18:02:19.655 Key exchange: diffie-hellman-group14-sha1. Session encryption: aes256-ctr, MAC: hmac-sha1, compression: none.
18:02:19.747 Attempting 'password' authentication.
18:02:21.912 Authentication failed. Remaining authentication methods: 'publickey,password,hostbased'.
18:02:29.659 Attempting 'password' authentication.
18:02:31.324 Authentication failed. Remaining authentication methods: 'publickey,password,hostbased'.
18:02:34.708 Session terminated on user's request.

mon fichier "sshd_config

# Package generated configuration file
# See the sshd_config(5) manpage for details

# What ports, IPs and protocols we listen for
Port 666
# Use these options to restrict which interfaces/protocols sshd will bind to
#ListenAddress ::
#ListenAddress 0.0.0.0
Protocol 2
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
#Privilege Separation is turned on for security
UsePrivilegeSeparation yes

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
SyslogFacility AUTH
LogLevel INFO

# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     %h/.ssh/authorized_keys

# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication yes
# similar for protocol version 2
HostbasedAuthentication yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes

# To enable empty passwords, change to yes (NOT RECOMMENDED)
PermitEmptyPasswords no

# Change to yes to enable challenge-response passwords (beware issues with
# some PAM modules and threads)
ChallengeResponseAuthentication no

# Change to no to disable tunnelled clear text passwords
PasswordAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosGetAFSToken no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

X11Forwarding no
X11DisplayOffset 10
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
#UseLogin no

#MaxStartups 10:30:60
#Banner /etc/issue.net

# Allow client to pass locale environment variables
AcceptEnv LANG LC_*

Subsystem sftp internal-sftp

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

Match group ftpusers
AllowTcpForwarding no
ForceCommand internal-sftp
ChrootDirectory /home

auriez vous une solution pour je puisse conecter mes utilisateurs svp ?

merci à vous

Hors ligne

Haut de page ↑