# Telnet RSA Secure Login Failed



## valoel (Feb 10, 2011)

Hello, need help. I'm trying to telnet to my FreeBSD machine, then I'm trying to test telnet in my machine.

Then I got a warning, here is the warning:


```
creative# telnet localhost
Trying ::1...
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
Trying SRA secure login:
User (root): root
Password:
[ SRA login failed ]
User (root):
```

Then here is the sockstat


```
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sshd       1088  3  tcp4   192.168.7.2:22        192.168.1.2:62075
squid    diskd-daem 1079  0  stream -> ??
squid    diskd-daem 1079  1  stream -> ??
squid    diskd-daem 1078  0  stream -> ??
squid    diskd-daem 1078  1  stream -> ??
squid    diskd-daem 1077  0  stream -> ??
squid    diskd-daem 1077  1  stream -> ??
squid    diskd-daem 1076  0  stream -> ??
squid    diskd-daem 1076  1  stream -> ??
root     inetd      1047  5  tcp4   *:23                  *:*
root     inetd      1047  6  dgram  -> /var/run/logpriv
root     sshd       1009  3  tcp4   *:22                  *:*
squid    diskd-daem 1008  0  stream -> ??
squid    diskd-daem 1008  1  stream -> ??
squid    squid      958   3  dgram  -> /var/run/logpriv
squid    squid      958   6  udp4   *:58204               *:*
squid    squid      958   10 stream -> ??
squid    squid      958   13 tcp4   192.168.7.2:8080      192.168.7.1:43453
squid    squid      958   14 stream -> ??
squid    squid      958   17 stream -> ??
squid    squid      958   18 tcp4   192.168.7.2:8080      192.168.7.1:43647
squid    squid      958   19 tcp4   192.168.7.2:64498     50.16.127.4:80
squid    squid      958   20 stream -> ??
squid    squid      958   22 tcp4   192.168.7.2:62242     58.27.22.33:80
squid    squid      958   23 stream -> ??
squid    squid      958   26 tcp4   *:8080                *:*
squid    squid      958   27 udp4   *:3130                *:*
squid    squid      958   28 tcp4   192.168.7.2:52292     66.220.149.18:80
squid    squid      958   29 tcp4   192.168.7.2:61020     58.27.86.207:80
squid    squid      958   30 tcp4   192.168.7.2:57298     66.220.149.32:80
squid    squid      958   31 tcp4   192.168.7.2:60421     74.125.235.41:80
squid    squid      958   32 tcp4   192.168.7.2:61737     66.220.151.89:80
squid    squid      958   33 tcp4   192.168.7.2:50046     65.54.82.152:80
squid    squid      958   34 tcp4   192.168.7.2:56275     69.63.189.31:80
squid    squid      958   35 tcp4   192.168.7.2:62964     69.63.189.31:80
squid    squid      958   36 tcp4   192.168.7.2:57248     202.152.1.200:80
squid    squid      958   37 tcp4   192.168.7.2:53230     125.56.199.18:80
squid    squid      958   40 tcp4   192.168.7.2:51608     58.27.22.10:80
squid    squid      958   41 tcp4   192.168.7.2:51713     202.152.1.200:80
squid    squid      958   43 tcp4   192.168.7.2:61992     125.56.199.16:80
squid    squid      958   44 tcp4   192.168.7.2:50754     66.220.147.33:80
squid    squid      958   57 tcp4   192.168.7.2:58299     92.123.154.57:80
squid    squid      958   63 tcp4   192.168.7.2:53136     66.220.145.45:80
squid    squid      958   66 tcp4   192.168.7.2:53064     58.27.22.10:80
squid    squid      958   70 tcp4   192.168.7.2:50967     92.123.154.215:80
squid    squid      958   72 tcp4   192.168.7.2:64580     58.27.86.64:80
squid    squid      958   73 tcp4   192.168.7.2:63790     58.27.22.10:80
squid    squid      958   74 tcp4   192.168.7.2:57494     125.56.199.40:80
squid    squid      958   78 tcp4   192.168.7.2:63801     125.56.199.49:80
squid    squid      958   79 tcp4   192.168.7.2:57622     92.123.154.66:80
squid    squid      958   82 tcp4   192.168.7.2:61660     58.27.22.26:80
squid    squid      958   93 tcp4   192.168.7.2:51296     92.123.154.57:80
squid    squid      958   96 tcp4   192.168.7.2:50094     92.123.154.99:80
squid    squid      958   103tcp4   192.168.7.2:58639     58.27.22.35:80
root     squid      956   3  dgram  -> /var/run/logpriv
root     syslogd    889   4  dgram  /var/run/log
root     syslogd    889   5  dgram  /var/run/logpriv
root     devd       835   4  stream /var/run/devd.pipe
```

Anybody know what should I do to fix this SRA login failed?

Thank you for the attention :e


----------



## SirDice (Feb 10, 2011)

Don't use telnet. Use ssh(1) instead. Telnet is horribly insecure. Never, ever allow root to telnet. Don't even consider it.


----------



## valoel (Feb 10, 2011)

I'm trying to use ssh, but there appears a warning when I try to remote FreeBSD from mikrotik, the warning is 


```
Enabling compatibility mode for protocol 2.0, Unable to find an authentication method.
```
 


```
Port 22
Protocol 2
AddressFamily any
ListenAddress 0.0.0.0
#ListenAddress ::

# Disable legacy (protocol version 1) support in the server for new
# installations. In future the default will change to require explicit
# activation of protocol 1
Protocol 2

# HostKey for protocol version 1
HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
#StrictModes yes
MaxAuthTries 6
MaxSessions 10

RSAAuthentication yes
PubkeyAuthentication yes
#AuthorizedKeysFile     .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
```


----------



## SirDice (Feb 10, 2011)

Leave the configuration file for SSH alone, unless you really know what you are doing. Do NOT enable root to login directly. Use su(1) or install security/sudo.


----------



## DutchDaemon (Feb 10, 2011)

```
PermitRootLogin yes
```

Switch that off, please.


----------



## valoel (Feb 11, 2011)

Of course I have doing "permitrootlogin yes" but it didn't work. still can't remote FreeBSD via mikrotik.


----------



## SirDice (Feb 14, 2011)

Use a normal user account to login. Post any errors if that doesn't work.


----------



## DutchDaemon (Feb 14, 2011)

valoel said:
			
		

> Of course I have doing "permitrootlogin yes" but it didn't work. still can't remote FreeBSD via mikrotik.



The emphasis in my post was on *Switch that off, please*.


----------

