[Bug 1168] sftp fails to HP - UX os even when pubic keys are present in HP-UX
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Fri Mar 3 03:32:53 EST 2006
http://bugzilla.mindrot.org/show_bug.cgi?id=1168
Summary: sftp fails to HP - UX os even when pubic keys are
present in HP-UX
Product: Portable OpenSSH
Version: 3.7.1p2
Platform: Other
OS/Version: HP-UX
Status: NEW
Keywords: help-wanted
Severity: major
Priority: P2
Component: sftp
AssignedTo: bitbucket at mindrot.org
ReportedBy: manikandan.selvaraju at wipro.com
CC: manikandan.selvaraju at wipro.com
Hi,
I have SSH installed in a HP-UX system.
Its version is
SOE-openssh-3.7.1p2-pwexp26, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004.
Now when i try to use sftp from other systems to HP -UX where ssh is installed
it is not working fine as excepted.
In brief i will mention the steps i followed.
1) Create a ssh-agent (client)by giving
eval `ssh-agent`
And get its PID.
2)Then set the environment variables as
-- export SSH_AGENT_PID=<ssh-agent_PID>>
Then go to cd /tmp and then do a ls -lrt to find some directory which
is of name ssh-___ and then get into that ssh-____ directory
you will have
some file with the name agent.xxxxx
-- export SSH_AUTH_SOCK=<complete path as you find from above pwd command >
3)Then create the ssh keys by giving
#ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (//.ssh/id_rsa):
//.ssh/id_rsa already exists.
Overwrite (y/n)? y
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in //.ssh/id_rsa.
Your public key has been saved in //.ssh/id_rsa.pub.
The key fingerprint is:
8d:30:30:54:63:76:ff:bb:46:f7:55:2f:fb:7a:f9:2d root at wcary2qw
There enter the passphrase of some 8 characters.
4)Then add the keys to ssh-agent by giving
#ssh-add
Enter passphrase for //.ssh/id_rsa:
Identity added: //.ssh/id_rsa (//.ssh/id_rsa)
#
Enter the passphrase typed before.
4)Copy the public key(id_rsa.pub) and put the public key in the HP -UX
corresponding user's home directory under .ssh directory in authorized_keys
file.
Suppose if we are giving
#sftp xxxx at 47.128.213.56
Then go /home/xxxx/.ssh
#touch authorized_keys
#chmod 777 authorized_keys
Paste the public key inside this file.
5)Now when you do sftp xxxx at 47.128.213.56 it will not ask for password it will
directly go to sftp prompt
#sftp xxxx at 47.128.213.56
sftp>
This as excepted.The same scenario is working for all os but for HP -UX it is
not working.
So could anyone throw some lights on this issue.
Debug mode details obtained when tried sftp to HP-UX system
#sftp -v -v -v xxxx at 47.128.213.56
OpenSSH_4.2p1, OpenSSL 0.9.7c 30 Sep 2003
debug1: Reading configuration data /usr/etc/ssh_config
debug3: Seeding PRNG from /usr/libexec/ssh-rand-helper
debug2: ssh_connect: needpriv 0
debug1: Connecting to 47.128.213.56[47.128.213.56] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /home/root/.ssh/identity type 0
debug3: Not a RSA1 key file /home/root/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/root/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/root/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/root/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version
SOE-openssh-3.7.1p2-pwexp26
debug1: no match: SOE-openssh-3.7.1p2-pwexp26
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug2: fd 4 setting O_NONBLOCK
debug3: RNG is ready, skipping seeding
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 120/256
debug2: bits set: 510/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/root/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 6
debug1: Host '47.129.249.42' is known and matches the RSA host key.
debug1: Found key in /home/root/.ssh/known_hosts:6
debug2: bits set: 500/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/root/.ssh/id_rsa (20077848)
debug2: key: /home/root/.ssh/id_dsa (20077868)
debug3: input_userauth_banner
###############################################################
# #
# Access to this network and the information on it are #
# lawfully available only for approved purposes by employees #
# of Nortel Networks and other users authorized by Nortel #
# Networks. If you are not an employee of Nortel Networks #
# or an authorized user, do not attempt to log on. Other #
# than where prohibited by law and subject to legal #
# requirements, Nortel Networks reserves the right to review #
# any information in any form on this network at any time. #
# #
###############################################################
*
**
****** IMPORTANT NOTE ******
Please note that in order to improve performance
in this Exceed Pool, additional servers have been
added.
In order to ensure the pool is properly load
balanced, please telnet/Exceed into ZCARXSS1, not
the individual server names.
Thank you for your cooperation.
** This server reboots every Sunday morning
** between 5:30am and 6:00am
****************************
**
*
debug1: Authentications that can continue: publickey,password
debug3: start over, passed a different list publickey,password
debug3: preferred publickey,keyboard-interactive,password
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /home/root/.ssh/id_rsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug1: Offering public key: /home/root/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: publickey,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
xxxx at 47.128.213.56's password:
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list