[Bug 1167] sftp fails to HP - UX os even when pubic keys are present in HP-UX

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Fri Mar 3 03:20:52 EST 2006


http://bugzilla.mindrot.org/show_bug.cgi?id=1167

           Summary: sftp fails to HP - UX os even when pubic keys are
                    present in HP-UX
           Product: Portable OpenSSH
           Version: 3.7.1p2
          Platform: Other
        OS/Version: HP-UX
            Status: NEW
          Keywords: help-wanted
          Severity: major
          Priority: P2
         Component: sftp
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: manikandan.selvaraju at wipro.com
                CC: manikandan.selvaraju at wipro.com


Hi,

I have SSH installed in a HP-UX system.
Its version is 
SOE-openssh-3.7.1p2-pwexp26, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004.

Now when i try to use sftp from other systems  to HP -UX where ssh is installed
it is not working fine as excepted.

In brief i will mention the steps i followed.

1) Create a ssh-agent (client)by giving 
    eval `ssh-agent`
    And get its PID.

2)Then set the environment variables as
    --  export SSH_AGENT_PID=<ssh-agent_PID>>
    Then go to “cd /tmp” and then do a “ls -lrt” to find some directory which
is of name “ssh-___” and then get into that ssh-____ directory … you will have
some file with the name “agent.xxxxx”
    -- export SSH_AUTH_SOCK=<complete path as you find from above pwd command >

3)Then create the ssh keys by giving
#ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (//.ssh/id_rsa): 
//.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 
Your identification has been saved in //.ssh/id_rsa.
Your public key has been saved in //.ssh/id_rsa.pub.
The key fingerprint is:
8d:30:30:54:63:76:ff:bb:46:f7:55:2f:fb:7a:f9:2d root at wcary2qw

There enter the passphrase of some 8 characters.

4)Then add the keys to ssh-agent by giving
#ssh-add 
Enter passphrase for //.ssh/id_rsa: 
Identity added: //.ssh/id_rsa (//.ssh/id_rsa)
#
Enter the passphrase typed before.

4)Copy the public key(id_rsa.pub) and put the public key in the HP -UX
corresponding user's home directory under .ssh directory in authorized_keys
file.
  Suppose if we are giving 
    #sftp xxxx at 47.128.213.56
   Then go /home/xxxx/.ssh 
   #touch authorized_keys
   #chmod 777 authorized_keys 
  Paste the public key inside this file.

5)Now when you do sftp xxxx at 47.128.213.56 it will not ask for password it will
directly go to sftp prompt
    #sftp xxxx at 47.128.213.56
    sftp>

This as excepted.The same scenario is working for all os but for HP -UX it is
not working.

So could anyone throw some lights on this issue.

Debug mode details obtained when tried sftp to HP-UX system


#sftp -v -v -v xxxx at 47.128.213.56
OpenSSH_4.2p1, OpenSSL 0.9.7c 30 Sep 2003
debug1: Reading configuration data /usr/etc/ssh_config
debug3: Seeding PRNG from /usr/libexec/ssh-rand-helper
debug2: ssh_connect: needpriv 0
debug1: Connecting to 47.128.213.56[47.128.213.56] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /home/root/.ssh/identity type 0
debug3: Not a RSA1 key file /home/root/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/root/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/root/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/root/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
SOE-openssh-3.7.1p2-pwexp26
debug1: no match: SOE-openssh-3.7.1p2-pwexp26
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug2: fd 4 setting O_NONBLOCK
debug3: RNG is ready, skipping seeding
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: 
debug2: kex_parse_kexinit: first_kex_follows 0 
debug2: kex_parse_kexinit: reserved 0 
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 120/256
debug2: bits set: 510/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 6
debug1: Host '47.129.249.42' is known and matches the RSA host key.
debug1: Found key in /home/root/.ssh/known_hosts:6
debug2: bits set: 500/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/root/.ssh/id_rsa (20077848)
debug2: key: /home/root/.ssh/id_dsa (20077868)
debug3: input_userauth_banner
###############################################################
#                                                             #
# Access to this network and the information on it are        #
# lawfully available only for approved purposes by employees  #
# of Nortel Networks and other users authorized by Nortel     #
# Networks. If you are not an employee of Nortel Networks     #
# or an authorized user, do not attempt to log on. Other      #
# than where prohibited by law and subject to legal           #
# requirements, Nortel Networks reserves the right to review  #
# any information in any form on this network at any time.    #
#                                                             #
###############################################################
*
**
****** IMPORTANT NOTE ******

Please note that in order to improve performance
in this Exceed Pool, additional servers have been
added.

In order to ensure the pool is properly load
balanced, please telnet/Exceed into ZCARXSS1, not
the individual server names.

Thank you for your cooperation.

** This server reboots every Sunday morning 
** between 5:30am and 6:00am

****************************
**
*



debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/root/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
xxxx at 47.128.213.56's password:




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list