Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 26 replies
  • Subscribers 2 subscribers
  • Views 18153 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No supported authentication methods available when trying to connect over SSH

maya
Hi,

I am running Astaro Security Gateway v8.306. Enabled SSH, allowed network = any (I know it is not recommended, I just need to get it working with the basic settings first), password authentication only, set the loginuser password, checked the log: the SSH server is listening on port 22. 

On the client PC I can telnet to the port 22 on the ASG host (using the external IP host address). 

But when I try to log in using Putty or WinSCP I am getting the same error all the time:
Disconnected: No supported authentication methods available (server sent: publickey)

Also I do not see any login attempts in the SSH server log.

I've read a lot of threads and cannot find any solution. What am I doing wrong?


This thread was automatically locked due to age.
Parents
  • 0
    No, no equipment. I tried one thing right now.
    1) Disable the DNAT rule I configured and try to access the ASG by the external IP address and port 22
    Checked the firewall log and seeing this:

    /var/log/packetfilter.log:2012:12:04-17:59:11 ASG host name ulogd[5871]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" fwrule="60021" initf="eth3.150" srcmac="x" dstmac="x" srcip="86.46.44.6" dstip="87.198.***.***" proto="6" length="52" tos="0x18" prec="0x00" ttl="115" srcport="56239" dstport="22" tcpflags="SYN"

    This is the only record in the file with my IP address. Looks like the packets were not dropped or anything, just logged?

    Checked the SSH server log - nothing

    2) Enable the DNAT rule and connect to the translated port 222
    Firewall log:

    /var/log/packetfilter.log:2012:12:04-18:24:33 ASG host name ulogd[5871]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" fwrule="60021" initf="eth3.150" srcmac="x" dstmac="x" srcip="86.46.44.6" dstip="87.198.***.***" proto="6" length="52" tos="0x18" prec="0x00" ttl="115" srcport="56982" dstport="222" tcpflags="SYN"

    SSH server log:

    /var/log/sshd.log:2012:12:04-18:10:50 ASG hostname sshd[9851]: Accepted publickey for loginuser from 86.46.44.6 port 56503 ssh2

    Does it make any sense?
Reply
  • 0
    No, no equipment. I tried one thing right now.
    1) Disable the DNAT rule I configured and try to access the ASG by the external IP address and port 22
    Checked the firewall log and seeing this:

    /var/log/packetfilter.log:2012:12:04-17:59:11 ASG host name ulogd[5871]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" fwrule="60021" initf="eth3.150" srcmac="x" dstmac="x" srcip="86.46.44.6" dstip="87.198.***.***" proto="6" length="52" tos="0x18" prec="0x00" ttl="115" srcport="56239" dstport="22" tcpflags="SYN"

    This is the only record in the file with my IP address. Looks like the packets were not dropped or anything, just logged?

    Checked the SSH server log - nothing

    2) Enable the DNAT rule and connect to the translated port 222
    Firewall log:

    /var/log/packetfilter.log:2012:12:04-18:24:33 ASG host name ulogd[5871]: id="2000" severity="info" sys="SecureNet" sub="packetfilter" name="Packet logged" action="log" fwrule="60021" initf="eth3.150" srcmac="x" dstmac="x" srcip="86.46.44.6" dstip="87.198.***.***" proto="6" length="52" tos="0x18" prec="0x00" ttl="115" srcport="56982" dstport="222" tcpflags="SYN"

    SSH server log:

    /var/log/sshd.log:2012:12:04-18:10:50 ASG hostname sshd[9851]: Accepted publickey for loginuser from 86.46.44.6 port 56503 ssh2

    Does it make any sense?
Children
No Data