AnsweredAssumed Answered

SSH Authentication Debugging

Question asked by travisd on Oct 13, 2011
Latest reply on Oct 17, 2011 by qualyschris

Are there any extra tools available to debug ssh authentication?  I have a couple of Solaris hosts that are giving me fits. I was successfully scanning one with password based authentication (over ssh, just not using keys). A second Solaris host (both are Sol 10, one SPARC, one x86) wouldn't work, despite both being seemingly identical builds, using the same authentication records, same password, etc.

 

Now the lab team has rebuild these, and neither will work. The ssh host keys have changed - are these cached anywhere that would need to be purged? I've tried purching the Asset DB for both hosts with no change.

 

Now I'm attempting SSH key authentication, still with no joy. I can use the exact same keys to SSH in from another *nix box, so I kow they work. I've tried with both RSA and DSA keys, and just DSA (with works from the other *nix box).

 

One thing I see in the logs is "Did not receive identification string from 10.42.71.99" (the Qualys scanner), but I can't tell is this is really part of the authentication process, or just normal VA scanning.

 

Any better places to look for debug info within Qualys? All I have to go on now is the "Unix Authentication Failed" QID.

Outcomes