[lug] openssh server update
John Hernandez
John.Hernandez at noaa.gov
Mon Mar 11 14:37:47 MST 2002
Same scenario works on two of my systems:
[user at client ~]$ ssh -1 -v server
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to server [x.x.x.x] port 22.
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/500 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/user/.ssh/identity type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9p2
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'server' is known and matches the RSA1 host key.
debug1: Found key in /home/user/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.
user at server's password:
debug1: Requesting pty.
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: Requesting shell.
debug1: Entering interactive session.
Where does yours die when you run with the -d flag?
Hugh Brown wrote:
> on my server:
>
>
> [server]# grep -v "^#" /etc/ssh/sshd_config
>
> Port 22
> Protocol 2,1
> HostKey /etc/ssh/ssh_host_key
> HostKey /etc/ssh/ssh_host_rsa_key
> HostKey /etc/ssh/ssh_host_dsa_key
> KeyRegenerationInterval 3600
> ServerKeyBits 768
> SyslogFacility AUTHPRIV
> LogLevel INFO
> LoginGraceTime 600
> StrictModes yes
> X11Forwarding yes
> Subsystem sftp /usr/libexec/openssh/sftp-server
>
> [server]# ssh -v localhost
> OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
> debug1: Remote protocol version 1.99, remote software version
> OpenSSH_3.1p1
>
>
> [client]$ ssh -V
> OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
>
> [client]$ ssh -1 server
> Disconnecting: Corrupted check bytes on input.
>
>
> The windows clients get similar problems.
>
> Hugh
>
> On Mon, 2002-03-11 at 15:40, Jonathan Briggs wrote:
>
>>Did you put Protocol 2,1 in your sshd_config file? I believe it used to
>>default to Protocol 2,1, but now it defaults to only Protocol 2.
>>I believe it still supports version 1 however.
>>
>>I just tested it. Yeah, it supports version 1. Try fixing your
>>sshd_config file.
>>
>>Hugh Brown wrote:
>>
>>
>>>I dutifully updated openssh on all of my servers, now as I side result.
>>>I can't connect to them using ssh v1 from putty or from older openssh
>>>clients.
>>>
>>>I get
>>>Corrupted check bytes on input.
>>>
>>>
>>>Or CRC errors on windows.
>>>
>>>The reason I care is that we are tunneling cvs over ssh which is
>>>bouncing through a firewall. I have a few windows users that rely upon
>>>putty and wincvs. I couldn't get putty to do agent forwarding for
>>>sshv2. If I could get that to work, all of the above is moot.
>>>
>>>
>>>Help.
>>>
>>>Hugh
>>>
>
>
>
> _______________________________________________
> Web Page: http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>
--
- John Hernandez - Network Engineer - 303-497-6392 -
| National Oceanic and Atmospheric Administration |
| Mailstop R/OM12. 325 Broadway, Boulder, CO 80305 |
----------------------------------------------------
More information about the LUG
mailing list