[Bug 887] Problem connecting OpenSSH Client to a F-Secure SSH Server

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Jun 30 11:29:21 EST 2004


           Summary: Problem connecting OpenSSH Client to a F-Secure SSH
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: other
            Status: NEW
          Severity: major
          Priority: P2
         Component: sftp
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: vcampitelli at yahoo.com

We recently install a Suse Linux Server version 8 however we are experiencing 
technical issues with the public keys which reside on a AIX 4.3.3 running F-
Secure Server. We regenerated the keys a multiple time but the problem is 
always there. To generate the keys we use the following command(usr/bin/ssh-
keygen -b 1024 -t dsa) and then we convert the pub file so the F-Secure can 
read it(ssh-keygen -e -f KEY_OPENSSH.pub > KEY_FSECURE.pub). We aren't able to 
connect with the public keys however we can connect with a password directly to 
the F-Secure Server.


Debug Mode
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f
32459: debug1: Reading configuration data /etc/ssh/ssh_config
32459: debug1: Applying options for *
32459: debug1: Rhosts Authentication disabled, originating port will not be 
32459: debug1: ssh_connect: needpriv 0
32459: debug1: Connecting to [] port 10022.
32459: debug1: Connection established.
32459: debug1: identity file /root/.ssh/id_dsa type -1
32459: debug1: Remote protocol version 2.0, remote software version 2.3.1 F-
32459: debug1: match: 2.3.1 F-SECURE SSH pat 2.3.*
32459: Enabling compatibility mode for protocol 2.0
32459: debug1: Local version string SSH-2.0-OpenSSH_3.4p1
32459: debug1: SSH2_MSG_KEXINIT sent
32459: debug1: SSH2_MSG_KEXINIT received
32459: debug1: kex: server->client 3des-cbc hmac-md5 none
32459: debug1: kex: client->server 3des-cbc hmac-md5 none
32459: debug1: dh_gen_key: priv key bits set: 184/384
32459: debug1: bits set: 489/1024
32459: debug1: sending SSH2_MSG_KEXDH_INIT
32459: debug1: expecting SSH2_MSG_KEXDH_REPLY
32459: debug1: Host '' is known and matches the DSA host key.
32459: debug1: Found key in /root/.ssh/known_hosts:1
32459: debug1: bits set: 544/1024
32459: debug1: ssh_dss_verify: signature correct
32459: debug1: kex_derive_keys
32459: debug1: newkeys: mode 1
32459: debug1: SSH2_MSG_NEWKEYS sent
32459: debug1: waiting for SSH2_MSG_NEWKEYS
32459: debug1: newkeys: mode 0
32459: debug1: SSH2_MSG_NEWKEYS received
32459: debug1: done: ssh_kex2.
32459: debug1: send SSH2_MSG_SERVICE_REQUEST
32459: debug1: service_accept: ssh-userauth
32459: debug1: got SSH2_MSG_SERVICE_ACCEPT
32459: debug1: authentications that can continue: publickey
32459: debug1: next auth method to try is publickey
32459: debug1: try privkey: /root/.ssh/id_dsa
32459: debug1: PEM_read_PrivateKey failed
32459: debug1: read PEM private key done: type <unknown>
32459: debug1: no more auth methods to try
32459: Permission denied (publickey).
32459: debug1: Calling cleanup 0x8068090(0x0)
32458: Couldn't read packet: Connection reset by peer

ssh_config file

Host *
BatchMode yes
StrictHostKeyChecking ask
IdentityFile ~/.ssh/id_dsa
Port 9022


------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-bugs mailing list