OpenSSH vs ssh.com
Rob Hagopian
rob at hagopian.net
Mon Dec 4 16:01:18 EST 2000
openssh-snap-20001204 vs F-SECURE SSH Version 2.0.12 (from BigIP v3.3)
doesn't work for protocol 2 (but is fine for protocol 1), any ideas what
would cause this? Below are full debug outputs. In addition, the prior
snapshot I had on the machine caused the following output in the sshd on
the BigIP machine:
Dec 4 03:18:44 b1abv sshd[144]: connection from "10.30.12.11"
Dec 4 03:18:44 b1abv sshd[15841]: DNS lookup failed for "10.30.12.11".
Dec 4 03:18:45 b1abv sshd[15841]: got bad packet when verifying user
root's publickey.
Dec 4 03:18:45 b1abv sshd[15841]: Remote host disconnected: Connection
closed.
Dec 4 03:18:45 b1abv sshd[15841]: connection lost: 'Connection closed.'
sshd -v output:
b1abv:~# /usr/contrib/sbin/sshd -v
WARNING: Development-time debugging not compiled in.
WARNING: To enable, configure with --enable-debug and recompile.
WARNING: Development-time debugging not compiled in.
WARNING: To enable, configure with --enable-debug and recompile.
debug: Reading private host key from /etc/ssh2/hostkey
debug: Key comment: 1024-bit dsa hostkey
debug: Reading public host key from: /etc/ssh2/hostkey.pub
debug: Becoming server.
debug: Creating listener
debug: Listener created
sshd[18717]: Listener created on port 22.
sshd[18717]: Daemon is running.
debug: Running event loop
sshd[18717]: connection from "10.30.12.11"
debug: ssh_server_wrap: creating transport protocol
debug: ssh_server_wrap: creating userauth protocol
sshd[18717]: DNS lookup failed for "10.30.12.11".
debug: new_connection_callback returning
debug: Remote version: SSH-2.0-OpenSSH_2.3.0p2
debug: ssh_sigchld_real_callback
debug: ssh_sigchld_process_pid: no handler for pid 18722 code 0
debug: ssh_user_validate_secure_rpc_password: not yet implemented
debug: ssh_user_validate_kerberos_password: not yet implemented
debug: ssh_user_validate_secure_rpc_password: not yet implemented
debug: ssh_user_validate_kerberos_password: not yet implemented
debug: ssh_user_validate_secure_rpc_password: not yet implemented
debug: ssh_user_validate_kerberos_password: not yet implemented
sshd[18717]: Remote host disconnected: Authentication method
disabled. (user 'prod', client address '10.30.12.11:648', requested
service 'ssh-connection')
sshd[18717]: User authentication failed: 'Authentication method
disabled. (user 'prod', client address '10.30.12.11:648', requested
service 'ssh-connection')'
debug: Exiting event loop
ssh output:
%ssh -v b1abv
SSH Version OpenSSH_2.3.0p2, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: Reading configuration data /usr/etc/ssh_config
debug: Applying options for *
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to b1abv [216.200.130.7] port 22.
debug: Allocated local port 648.
debug: Connection established.
debug: identity file /usr/dh/home/prod/.ssh/identity type 0
debug: identity file /usr/dh/home/prod/.ssh/id_dsa type 3
debug: Remote protocol version 1.99, remote software version 2.0.12
F-SECURE SSH
debug: match: 2.0.12 F-SECURE SSH pat ^2\.0\.
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-2.0-OpenSSH_2.3.0p2
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got
kexinit: 3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug: got
kexinit: 3des-cbc,cast128-cbc,blowfish-cbc,twofish-cbc,arcfour,none
debug: got kexinit: hmac-md5,md5-8,none
debug: got kexinit: hmac-md5,md5-8,none
debug: got kexinit: none,zlib
debug: got kexinit: none,zlib
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: kex: server->client 3des-cbc hmac-md5 none
debug: kex: client->server 3des-cbc hmac-md5 none
debug: Sending SSH2_MSG_KEXDH_INIT.
debug: bits set: 507/1024
debug: Wait SSH2_MSG_KEXDH_REPLY.
debug: Got SSH2_MSG_KEXDH_REPLY.
debug: Host 'b1abv' is known and matches the DSA host key.
debug: bits set: 500/1024
debug: len 40 datafellows 63
debug: ssh_dss_verify: signature correct
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: send SSH2_MSG_SERVICE_REQUEST
debug: buggy server: service_accept w/o service
debug: got SSH2_MSG_SERVICE_ACCEPT
debug: authentications that can continue: publickey,password
debug: next auth method to try is publickey
debug: try pubkey: /usr/dh/home/prod/.ssh/id_dsa
debug: read SSH2 private key done: name dsa w/o comment success 1
debug: sig size 20 20
debug: datafellows
debug: authentications that can continue: publickey,password
debug: next auth method to try is publickey
debug: next auth method to try is password
prod at b1abv's password:
debug: authentications that can continue: publickey,password
debug: next auth method to try is password
Permission denied, please try again.
prod at b1abv's password:
debug: authentications that can continue: publickey,password
debug: next auth method to try is password
Permission denied, please try again.
prod at b1abv's password:
Received disconnect: 12: Authentication method disabled.
debug: Calling cleanup 0x805b184(0x0)
-Rob
More information about the openssh-unix-dev
mailing list