Hello,

I have a problem with a Netware 6.5.7 server. I can't get SSH to work. I have a problem with authentication. When I want to try to login I get an Access Denied error. Novell LDAP is up and running.

Here is my config file :

# $OpenBSD: sshd_config,v 1.56 2002/06/20 23:37:12 markus Exp $
# NWConfVersion = 21

# This is the sshd server system-wide configuration file. See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented. Uncommented options change a
# default value.

Port 22
Protocol 2
ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
KeyRegenerationInterval 3600
ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
LogLevel INFO
LogPath sys:/etc/ssh/logs
LogMaxRotateFiles 7
LogMaxFileSize 4
LogRotationInterval 24

# Authentication:

LoginGraceTime 600
#PermitRootLogin yes
#StrictModes yes

RSAAuthentication yes
PubkeyAuthentication yes
AuthorizedKeysFile /etc/ssh/keys/authorized_keys

# Change to yes if you don't trust /etc/ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
IgnoreUserKnownHosts no

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
ChallengeResponseAuthentication yes

ClientAliveInterval 10
ClientAliveCountMax 6
KeepAlive yes
Compression yes

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem sftp SYS:/SYSTEM/sftp-svr.nlm

#eDir (Novell Directory Services) specific options
eDirNameContext o=bibliotheek

# Multi server navigation, default yes
# yes, path is /servername/volume/dirpath
# no, path is /volume/dirpath
DoSFTPMultiServerNavigation yes

# Ignore users home dir unless on destination server, default no
IgnoreRemoteHomeDir no

# Proxy user and password for ldap searches, useful when
# anon binds are disabled. Name must be fully qualified
ProxyName cn=ldappxy,o=bibliotheek
ProxyPassword

# Allow SSH console session access, default yes
AllowSSHSessions yes

# Restrict users to their home directory and below, default no
RestrictToHomeDir no

# File that contains list of users that are not restricted
UnrestrictFile /etc/ssh/unrestrict.txt

# Ignore all eDir home directory settings, use defaults settings, default no
IgnoreAllHomeDir no

# Default settings for user without a home directory
# or when IgnoreAllHomeDir is yes, no defaults
#DefaultUserHomeDir /public
#DefaultUserHomeVolume sys
#DefaultUserHomeServer rhost

# File name transactions are done using UTF8
# default no
SSHDSendUTF8FileNames no

# UTF8 file names to clients in this space separated aware list if
# SSHDSendUTF8FileNames is 'yes'. If SSHDSendUTF8FileNames 'yes' and
# this list is empty then all clients are considered UTF8 aware.
#UTF8AwareClients WinSCP_release_3.7.6

# Space separated list of CommonName:FullDistinguishName pairs. Common name
# used during login will be converted to the FDN for authentication purposes.
# No default, maximum of 16
eDirNameContext OU=centrale.O=Bibliotheek
eDirNameContext OU=Personeel.OU=centrale.O=Bibliotheek

What could be the problem? I have an other server and that one is running fine.

John