Question - Remote SSH in BT4 R2

[maddestelf]

Hello,

I recently upgraded to BT4 R2 and I'm having difficulties getting OpenSSH to work correctly. I need to be able to remotely access the box through SSH, but I don't want to allow root login (only su to root).

In BT4 Final, this was very simple... I added a new user through "Users and Groups", disabled password authentication, generated a public/private key pair for my user in Putty, pasted the public key in authorized_keys file, and set PermitRootLogin to no.

In BT4 R2, I've been unable to successfully SSH to the box after creating a new user. Each time I try, I get a "No supported authentication methods available". However, when I change PermitRootLogin to Yes, my key is accepted and I'm able to SSH as root just fine. I've tried the following steps when adding a new user:

1. Tried going through the "Users and Groups" menu link, but it's broken in R2. When you click it, the message "The platform you are running is not supported by this tool" appears. I selected Ubuntu 8.04 in order to run it, but a new user didn't appear to be added correctly.

2. I followed the advice here. This allowed me to successfully add a new user, but I still couldn't SSH into the box.

I feel like I'm missing a very obvious solution... any help would be appreciated. And let me know if you need more information.

[barbsie]

I suppose you are able to start your sshd on BT4rc2?

ON BT: First add a new user, edit sshd_config and remove rootlogin, restart sshd

Code:

root@bt:~# adduser testssh
Adding user `testssh' ...
Adding new group `testssh' (1000) ...
Adding new user `testssh' (1000) with group `testssh' ...
Creating home directory `/home/testssh' ...
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for testssh
Enter the new value, or press ENTER for the default
        Full Name []:
        Room Number []:
        Work Phone []:
        Home Phone []:
        Other []:
Is the information correct? [Y/n]

root@bt:~# nano /etc/ssh/sshd_config
root@bt:~# service ssh restart
Restarting OpenBSD Secure Shell server: sshd.
root@bt:~#

On remote system use the ssh-copy-id script to copy over your key:

Code:

fw@xps:~$ ssh-copy-id testssh@192.168.1.9
testssh@192.168.1.9's password: 
Now try logging into the machine, with "ssh 'testssh@192.168.1.9'", and check in:

  .ssh/authorized_keys

to make sure we haven't added extra keys that you weren't expecting.

fw@xps:~$ ssh testssh@192.168.1.9
BackTrack 4 R2 (CodeName Nemesis) Security Auditing

For more information visit: http://www.backtrack-linux.org/
testssh@bt:~$ exit
logout
Connection to 192.168.1.9 closed.

Hope this helps.

[cgelici]

I am trying to get remote ssh working. I setup ssh to listen on port 443.
I forwarded port 443 on my router to my static IP 192.168.1.22

When I scan my Public IP:

Code:

root@bt:/etc/ssh# nmap -sS xx.xxx.xxx.xxx -p 443

Starting Nmap 5.35DC1 ( http://nmap.org ) at 2011-04-10 15:54 CEST
Nmap scan report for ipxxx-xxx-xxx-xx.adsl2.static.versatel.nl (xx.xxx.xxx.xxx)
Host is up (0.0019s latency).
PORT    STATE  SERVICE
443/tcp closed https

Nmap done: 1 IP address (1 host up) scanned in 0.25 seconds

Shouldn't this be open now ?

Results of netstat -antp | grep 443

Code:

root@bt:~# netstat -antp | grep 443
tcp        0      0 0.0.0.0:443             0.0.0.0:*               LISTEN      5438/sshd
tcp6       0      0 :::443                  :::*                    LISTEN      5438/sshd

DynDNS port checker says port 443 on my public IP is OPEN en listening.

I tried using a live usb distro on another pc to connect but it wont work with public ip only local. The same with Putty on Windows. (the other laptop is on the same network but I entered the public IP)