Imagine I'm setting up a honeypot, what would be the quickest way to setup SSHD to just accept any connection? and yes, this is really insecure, so please don't copy 🙂
Might be useful (put pam_permit
on the auth
stack)… I just don't have much experience with PAM, and am currently reading though the docs.
https://unix.stackexchange.com/questions/124187/accept-any-private-key-for-authentication
For some background to the actual problem, I have a client computer that is behind a firewall, and it tries to setup a reverse SSH tunnel by connecting outbound first (so I can connect back to it)… while it does keep trying to connect, it's as though the key its using is no longer valid (which is odd) or something else is failing.
The servers logs shows that client closes the connection, other clients can connect fine…
debug1: Forked child 29472.
Set /proc/self/oom_score_adj to 0
debug1: rexec start in 5 out 5 newsock 5 pipe 7 sock 8
debug1: inetd sockets after dupping: 3, 3
Connection from CLIENT_IP port 46186
debug1: Client protocol version 2.0; client software version OpenSSH_6.0p1 Debian-4+deb7u2
debug1: match: OpenSSH_6.0p1 Debian-4+deb7u2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.0p1 Debian-4+deb7u2
debug1: permanently_set_uid: 105/65534 [preauth]
debug1: list_hostkey_types: ssh-rsa,ssh-dss [preauth]
debug1: SSH2_MSG_KEXINIT sent [preauth]
debug1: SSH2_MSG_KEXINIT received [preauth]
debug1: kex: client->server aes128-ctr hmac-md5 none [preauth]
debug1: kex: server->client aes128-ctr hmac-md5 none [preauth]
debug1: expecting SSH2_MSG_KEX_ECDH_INIT [preauth]
debug1: SSH2_MSG_NEWKEYS sent [preauth]
debug1: expecting SSH2_MSG_NEWKEYS [preauth]
debug1: SSH2_MSG_NEWKEYS received [preauth]
debug1: KEX done [preauth]
debug1: userauth-request for user tunnel service ssh-connection method none [preauth]
debug1: attempt 0 failures 0 [preauth]
debug1: PAM: initializing for "tunnel"
debug1: PAM: setting PAM_RHOST to "server"
debug1: PAM: setting PAM_TTY to "ssh"
debug1: userauth-request for user tunnel service ssh-connection method publickey [preauth]
debug1: attempt 1 failures 0 [preauth]
debug1: test whether pkalg/pkblob are acceptable [preauth]
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: temporarily_use_uid: 1001/1001 (e=0/0)
debug1: trying public key file /home/tunnel/.ssh/authorized_keys
debug1: fd 4 clearing O_NONBLOCK
debug1: restore_uid: 0/0
debug1: temporarily_use_uid: 1001/1001 (e=0/0)
debug1: trying public key file /home/tunnel/.ssh/authorized_keys2
debug1: Could not open authorized keys '/home/tunnel/.ssh/authorized_keys2': No such file or directory
debug1: restore_uid: 0/0
Failed publickey for tunnel from CLIENT_IP port 46186 ssh2
Connection closed by CLIENT_IP [preauth]
debug1: do_cleanup [preauth]
debug1: monitor_read_log: child log fd closed
debug1: do_cleanup
debug1: PAM: cleanup
debug1: Killing privsep child 29473
Best Answer
This worked... but as this basically removes all forms of authentication, DO NOT DO THIS...
Where any other lines which start with
auth
(aka the module) were commented out... you should also check any@include
lines, as they may include files that set furtherauth
modules, e.g.Then I had to make sure that the SSHD config did NOT set any of these:
And for good measure, a password was set on the account (otherwise treated as disabled).