[lug] Broken ssh

Hugh Brown hugh at vecna.com
Wed Mar 13 17:46:22 MST 2002


You might try logging in to slate and do your key generation there. 
ssh.com ssh and openssh ssh have different key formats.

Hugh

On Wed, 2002-03-13 at 16:58, Glenn Murray wrote:
> Hi,
> 
> I recently upgraded (i.e., am recovering from) Debian potato to
> testing (woody) and now ssh is broken to two non-Linux UNIX servers.
> It still works to a non-upgraded Linux box.
> 
> I generated new keys id_rsa and id_rsa.pub and appended the
> latter to ~/.ssh/authorized_keys on the remote machine.
> 
> >From below and fiddling with a config file I gather that the public
> key business is not working.  I really need passwordless connections
> for cvs access.
> 
> Any help would be greatly appreciated.
> 
> Thanks,
> Glenn Murray
> http://www.mines.edu/~gmurray
> 
> 
> .ssh/$ ssh -v 'gmurray at slate'
> OpenSSH_3.0.2p1 Debian 1:3.0.2p1-8, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
> debug1: Reading configuration data /home/glenn/.ssh/config
> debug1: Applying options for *
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Seeding random number generator
> debug1: Rhosts Authentication disabled, originating port will not be trusted.
> debug1: restore_uid
> debug1: ssh_connect: getuid 1000 geteuid 1000 anon 1
> debug1: Connecting to slate [138.67.1.38] port 22.
> debug1: temporarily_use_uid: 1000/1000 (e=1000)
> debug1: restore_uid
> debug1: temporarily_use_uid: 1000/1000 (e=1000)
> debug1: restore_uid
> debug1: Connection established.
> debug1: identity file /home/glenn/.ssh/identity type 0
> debug1: identity file /home/glenn/.ssh/id_rsa type 1
> debug1: identity file /home/glenn/.ssh/id_dsa type -1
> debug1: Remote protocol version 1.99, remote software version 3.1.0 SSH Secure Shell (non-commercial)
> debug1: no match: 3.1.0 SSH Secure Shell (non-commercial)
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.0.2p1 Debian 1:3.0.2p1-8
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: dh_gen_key: priv key bits set: 133/256
> debug1: bits set: 506/1024
> debug1: sending SSH2_MSG_KEXDH_INIT
> debug1: expecting SSH2_MSG_KEXDH_REPLY
> debug1: Host 'slate' is known and matches the DSA host key.
> debug1: Found key in /home/glenn/.ssh/known_hosts2:1
> debug1: bits set: 512/1024
> debug1: ssh_dss_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue: hostbased,publickey,password
> debug1: next auth method to try is publickey
> debug1: try pubkey: /home/glenn/.ssh/id_rsa
> debug1: authentications that can continue: hostbased,publickey,password
> debug1: try privkey: /home/glenn/.ssh/id_dsa
> debug1: next auth method to try is password
> gmurray at slate's password:
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
-- 
------------------------------------
System Administrator/Unix Consultant
hugh at vecna.com
Vecna Technologies, Inc
6525 Belcrest Rd, Suite 612
Hyattsville MD, 20782
301.864.7253
http://www.vecna.com
------------------------------------
Linux Professional Institute Certified - Level 1
Sair Linux and GNU Certified Administrator
AIX Certified Specialist - System Support
------------------------------------




More information about the LUG mailing list