[lug] Broken ssh

Glenn Murray gmurray at Mines.EDU
Thu Mar 14 15:35:35 MST 2002 

Thanks for the suggestion, but it didn't seem to work.  

glenn/$ ls .ssh
id_rsa  known_hosts
glenn/$ ssh -vl gmurray slate
...
debug1: next auth method to try is publickey
debug1: try privkey: /home/glenn/.ssh/identity
debug1: try privkey: /home/glenn/.ssh/id_rsa
debug1: PEM_read_PrivateKey failed
debug1: read PEM private key done: type <unknown>
Enter passphrase for key '/home/glenn/.ssh/id_rsa':
debug1: try privkey: /home/glenn/.ssh/id_dsa
debug1: next auth method to try is password
gmurray at slate's password:

It turns out that I can connect to the remote machine with 

ssh -1 -l gmurray slate

so I can make it talk with ssh1.  But how do I make it work with CVS?
Naively setting CVS_RSH='ssh -1 ' failed.

I see in my package list that there is an "ssh2" (non-free) which I
could install instead of "ssh" (OpenSSH).  Is this a better
alternative?

Thanks,
Glenn Murray
http://www.mines.edu/~gmurray

On 13 Mar 2002, Hugh Brown wrote:

> You might try logging in to slate and do your key generation there. 
> ssh.com ssh and openssh ssh have different key formats.
> 
> Hugh
> 
> On Wed, 2002-03-13 at 16:58, Glenn Murray wrote:
> > Hi,
> > 
> > I recently upgraded (i.e., am recovering from) Debian potato to
> > testing (woody) and now ssh is broken to two non-Linux UNIX servers.
> > It still works to a non-upgraded Linux box.
> > 
> > I generated new keys id_rsa and id_rsa.pub and appended the
> > latter to ~/.ssh/authorized_keys on the remote machine.
> > 
> > >From below and fiddling with a config file I gather that the public
> > key business is not working.  I really need passwordless connections
> > for cvs access.
> > 
> > Any help would be greatly appreciated.
> > 
> > Thanks,
> > Glenn Murray
> > http://www.mines.edu/~gmurray
> > 
> > 
> > .ssh/$ ssh -v 'gmurray at slate'
> > OpenSSH_3.0.2p1 Debian 1:3.0.2p1-8, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
> > debug1: Reading configuration data /home/glenn/.ssh/config
> > debug1: Applying options for *
> > debug1: Reading configuration data /etc/ssh/ssh_config
> > debug1: Seeding random number generator
> > debug1: Rhosts Authentication disabled, originating port will not be trusted.
> > debug1: restore_uid
> > debug1: ssh_connect: getuid 1000 geteuid 1000 anon 1
> > debug1: Connecting to slate [138.67.1.38] port 22.
> > debug1: temporarily_use_uid: 1000/1000 (e=1000)
> > debug1: restore_uid
> > debug1: temporarily_use_uid: 1000/1000 (e=1000)
> > debug1: restore_uid
> > debug1: Connection established.
> > debug1: identity file /home/glenn/.ssh/identity type 0
> > debug1: identity file /home/glenn/.ssh/id_rsa type 1
> > debug1: identity file /home/glenn/.ssh/id_dsa type -1
> > debug1: Remote protocol version 1.99, remote software version 3.1.0 SSH Secure Shell (non-commercial)
> > debug1: no match: 3.1.0 SSH Secure Shell (non-commercial)
> > Enabling compatibility mode for protocol 2.0
> > debug1: Local version string SSH-2.0-OpenSSH_3.0.2p1 Debian 1:3.0.2p1-8
> > debug1: SSH2_MSG_KEXINIT sent
> > debug1: SSH2_MSG_KEXINIT received
> > debug1: kex: server->client aes128-cbc hmac-md5 none
> > debug1: kex: client->server aes128-cbc hmac-md5 none
> > debug1: dh_gen_key: priv key bits set: 133/256
> > debug1: bits set: 506/1024
> > debug1: sending SSH2_MSG_KEXDH_INIT
> > debug1: expecting SSH2_MSG_KEXDH_REPLY
> > debug1: Host 'slate' is known and matches the DSA host key.
> > debug1: Found key in /home/glenn/.ssh/known_hosts2:1
> > debug1: bits set: 512/1024
> > debug1: ssh_dss_verify: signature correct
> > debug1: kex_derive_keys
> > debug1: newkeys: mode 1
> > debug1: SSH2_MSG_NEWKEYS sent
> > debug1: waiting for SSH2_MSG_NEWKEYS
> > debug1: newkeys: mode 0
> > debug1: SSH2_MSG_NEWKEYS received
> > debug1: done: ssh_kex2.
> > debug1: send SSH2_MSG_SERVICE_REQUEST
> > debug1: service_accept: ssh-userauth
> > debug1: got SSH2_MSG_SERVICE_ACCEPT
> > debug1: authentications that can continue: hostbased,publickey,password
> > debug1: next auth method to try is publickey
> > debug1: try pubkey: /home/glenn/.ssh/id_rsa
> > debug1: authentications that can continue: hostbased,publickey,password
> > debug1: try privkey: /home/glenn/.ssh/id_dsa
> > debug1: next auth method to try is password
> > gmurray at slate's password:
> > 
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> -- 
> ------------------------------------
> System Administrator/Unix Consultant
> hugh at vecna.com
> Vecna Technologies, Inc
> 6525 Belcrest Rd, Suite 612
> Hyattsville MD, 20782
> 301.864.7253
> http://www.vecna.com
> ------------------------------------
> Linux Professional Institute Certified - Level 1
> Sair Linux and GNU Certified Administrator
> AIX Certified Specialist - System Support
> ------------------------------------
> 
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
>

More information about the LUG mailing list