[lug] ssh question

John E. Koontz koontz at boulder.nist.gov
Tue Jul 23 18:48:15 MDT 2002

At 09:09 AM 7/23/2002 -0600, Wayde wrote:
> > What do you see with the -v parameter?
>About a solid screen full of banter between the two computers.  The
>connection gets made, the two machines seem to be able to validate that
>they are who they say they are, etc..  This all looks good.  Then the
>S/Key authentication starts.

This banter is usually good stuff (if verbose), when debugging ssh problems.

I've checked Barrett & Silverman's ORA ssh book.  S/Key is a one-time 
password scheme implemented only in OpenSSH 

To keep the OpenSSH server (sshd) from supporting S/KEY use this keyword:

SkeyAuthentication no

See also 

With contemporary ssh2 authentication, it appears that if S/KEY is turned 
on, you tend to get it by default.  It may be that the 
AllowedAuthentications and RequiredAuthentications (subset of former) don't 
include password, which I think was what you wanted.

John E. Koontz

More information about the LUG mailing list