VMware Cloud Community
eldingo
Contributor
Contributor
‎09-24-2009 02:09 PM
Jump to solution

sshd_config file messed up

Hello All:

I think I messed up the sshd_config file. I was trying to test "PermiRootLogin Yes" now the service would not start, would not even let me establish putty connection. at the ESX server console I am getting error: "Starting sshd:/etc/sshd_config line 36: Bad yes/without-password/forced-commands-only/no argument: Yes". I have pasted the sshd_config file below. Please advise how to fix it.

  1. $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $

  1. This is the sshd server system-wide configuration file. See

  1. sshd_config(5) for more information.

  1. This sshd was compiled with PATH=/usr/local/bin:/bin:/usr/bin

  1. The strategy used for options in the default sshd_config shipped with

  1. OpenSSH is to specify options with their default value where

  1. possible, but leave them commented. Uncommented options change a

  1. default value.

#Port 22

Protocol 2

#ListenAddress 0.0.0.0

#ListenAddress ::

  1. HostKey for protocol version 1

#HostKey /etc/ssh/ssh_host_key

  1. HostKeys for protocol version 2

#HostKey /etc/ssh/ssh_host_rsa_key

#HostKey /etc/ssh/ssh_host_dsa_key

  1. Lifetime and size of ephemeral version 1 server key

#KeyRegenerationInterval 3600

#ServerKeyBits 768

  1. Logging

#obsoletes QuietMode and FascistLogging

SyslogFacility AUTH

LogLevel VERBOSE

  1. Authentication:

#LoginGraceTime 120

PermitRootLogin Yes

#StrictModes yes

#RSAAuthentication yes

#PubkeyAuthentication yes

#AuthorizedKeysFile .ssh/authorized_keys

  1. rhosts authentication should not be used

#RhostsAuthentication no

  1. Don't read the user's ~/.rhosts and ~/.shosts files

#IgnoreRhosts yes

  1. For this to work you will also need host keys in /etc/ssh/ssh_known_hosts

#RhostsRSAAuthentication no

  1. similar for protocol version 2

#HostbasedAuthentication no

  1. Change to yes if you don't trust ~/.ssh/known_hosts for

  1. RhostsRSAAuthentication and HostbasedAuthentication

#IgnoreUserKnownHosts no

  1. To disable tunneled clear text passwords, change to no here!

#PasswordAuthentication yes

#PermitEmptyPasswords no

  1. Change to no to disable s/key passwords

#ChallengeResponseAuthentication yes

  1. Kerberos options

#KerberosAuthentication no

#KerberosOrLocalPasswd yes

#KerberosTicketCleanup yes

#AFSTokenPassing no

  1. Kerberos TGT Passing only works with the AFS kaserver

#KerberosTgtPassing no

  1. Set this to 'yes' to enable PAM keyboard-interactive authentication

  1. Warning: enabling this may bypass the setting of 'PasswordAuthentication'

#PAMAuthenticationViaKbdInt no

#X11Forwarding no

#X11DisplayOffset 10

#X11UseLocalhost yes

#PrintMotd yes

#PrintLastLog yes

#KeepAlive yes

#UseLogin no

#UsePrivilegeSeparation yes

#PermitUserEnvironment no

#Compression yes

#MaxStartups 10

  1. no default banner path

#Banner /some/path

#VerifyReverseMapping no

#ShowPatchLevel no

  1. override default of no subsystems

Subsystem sftp /usr/libexec/openssh/sftp-server

Ciphers aes256-cbc,aes128-cbc

0 Kudos
1 Solution

Accepted Solutions
admin
Immortal
Immortal
‎09-24-2009 02:43 PM
Jump to solution

Change the "Yes" after PermitRootLogin to "yes", it's case sensitive and doesn't like the capital Y.

Alex






www.phdvirtual.com - esXpress backup

View solution in original post

0 Kudos
2 Replies
admin
Immortal
Immortal
‎09-24-2009 02:43 PM
Jump to solution

Change the "Yes" after PermitRootLogin to "yes", it's case sensitive and doesn't like the capital Y.

Alex






www.phdvirtual.com - esXpress backup

0 Kudos
eldingo
Contributor
Contributor
‎09-25-2009 06:46 AM
Jump to solution

That was it. Thanks Mittel!!

0 Kudos