Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Odd ssh password prompt

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wkk2
      last edited by

      I have a 2.0.3 system with an odd ssh password prompt issues.  "ssh user@ip"  will connect to the system.

      I get a "Password:" prompt that doesn't allow me to login. If I hit return three times, the prompt changes to "user@ip password:"  This prompt will accept the password and allow me to login.

      I've tried multiple clients with the same result.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        If you're using ssh from the console, run it with "ssh -v user@ip" and perhaps there will be something useful in the verbose output

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • W
          wkk2
          last edited by

          I tried that.  It showed the 1st "Password" prompts were keyboard-interactive and the 2nd batch was "password".  I'm not sure why.

          debug3: authmethod_is_enabled keyboard-interactive
          debug1: Next authentication method: keyboard-interactive
          debug2: userauth_kbdint
          debug2: we sent a keyboard-interactive packet, wait for reply
          debug3: Wrote 96 bytes for a total of 1205
          debug2: input_userauth_info_req
          debug2: input_userauth_info_req: num_prompts 1
          Password:
          debug3: packet_send2: adding 32 (len 18 padlen 14 extra_pad 64)
          debug3: Wrote 80 bytes for a total of 1285
          debug1: Authentications that can continue: publickey,password,keyboard-interactive
          debug2: userauth_kbdint
          debug2: we sent a keyboard-interactive packet, wait for reply
          debug3: Wrote 96 bytes for a total of 1381
          debug2: input_userauth_info_req
          debug2: input_userauth_info_req: num_prompts 1
          Password:
          debug3: packet_send2: adding 32 (len 18 padlen 14 extra_pad 64)
          debug3: Wrote 80 bytes for a total of 1461
          debug1: Authentications that can continue: publickey,password,keyboard-interactive
          debug2: userauth_kbdint
          debug2: we sent a keyboard-interactive packet, wait for reply
          debug3: Wrote 96 bytes for a total of 1557
          debug2: input_userauth_info_req
          debug2: input_userauth_info_req: num_prompts 1
          Password:
          debug3: packet_send2: adding 32 (len 18 padlen 14 extra_pad 64)
          debug3: Wrote 80 bytes for a total of 1637
          debug1: Authentications that can continue: publickey,password,keyboard-interactive
          debug2: we did not send a packet, disable method
          debug3: authmethod_lookup password
          debug3: remaining preferred:
          debug3: authmethod_is_enabled password
          debug1: Next authentication method: password
          USER@IPADDR's password:

          Answering this prompt worked.

          1 Reply Last reply Reply Quote 0
          • jimpJ
            jimp Rebel Alliance Developer Netgate
            last edited by

            The keyboard-interactive method is more secure flexible, but not all SSH servers support it or have it enabled.

            It allows for things like multiple prompts to implement multi-factor auth and so on.

            Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

            Need help fast? Netgate Global Support!

            Do not Chat/PM for help!

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.