ssh 2.1.1p1 can't connect; ssh 1.2.3 can
Paul D. Smith
pausmith at nortelnetworks.com
Fri Jun 16 02:37:08 EST 2000
My ISP supports connections via ssh. I was using OpenSSH 1.2.3
(portable) on Solaris 2.5.1 (with EGD), and I could connect to my ISP
just fine. They're using the proprietary sshd version 1.2.26 as far as I
can tell. A connect session looks like:

$ ssh-1.2.3 -v -l foobar xx.xx.xx.xx
SSH Version OpenSSH-1.2.3, protocol version 1.5.
Compiled with SSL.
debug: ssh_connect: getuid 390 geteuid 390 anon 1
debug: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug: Connection established.
debug: Remote protocol version 1.5, remote software version 1.2.26
debug: Waiting for server public key.
debug: Received server public key (768 bits) and host key (1024 bits).
debug: Host 'xx.xx.xx.xx' is known and matches the host key.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Trying RSA authentication via agent with 'psmith at lemming'
debug: Received RSA challenge from server.
debug: Sending response to RSA challenge.
debug: Remote: RSA authentication accepted.
debug: RSA authentication accepted by server.
debug: Requesting pty.
debug: Requesting authentication agent forwarding.
debug: Requesting shell.
debug: Entering interactive session.
...
$ exit
Connection to xx.xx.xx.xx closed.
debug: Transferred: stdin 5, stdout 709, stderr 36 bytes in 25.4 seconds
debug: Bytes per second: stdin 0.2, stdout 27.9, stderr 1.4
debug: Exit status 0

Now I've compiled OpenSSH 2.1.1p1 (same system, Solaris 2.5.1, but this
time using PRNG instead of EGD). This version works to _some_ systems
(for example, I can connect to my home system which is running Debian
GNU/Linux 2.2--running sshd from OpenSSH 1.2.3).

But, I can't connect to my ISP; I just time out. Here's a session:

$ ssh-2.1.1p1 -v -l foobar xx.xx.xx.xx
SSH Version OpenSSH_2.1.1, protocol versions 1.5/2.0.
Compiled with SSL (0x0090581f).
debug: loaded 21 entropy commands from /usr/global/etc/ssh_prng_cmds
debug: Seeding random number generator.
debug: OpenSSL random status is now 0
debug: 1 bytes from system calls
debug: Command 'arp -a -n' timed out
debug: Command 'last' timed out
debug: Command 'df' timed out
debug: 28 bytes from programs
debug: OpenSSL random status is now 1
debug: loading PRNG seed from file /export/home/psmith/.ssh/prng_seed
debug: ssh_connect: getuid 390 geteuid 0 anon 0
debug: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug: Seeding random number generator.
debug: OpenSSL random status is now 1
debug: 1 bytes from system calls
debug: 26 bytes from programs
debug: OpenSSL random status is now 1
debug: Allocated local port 827.
debug: connect: Connection timed out
debug: Trying again...
debug: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug: Allocated local port 850.
debug: connect: Connection timed out
debug: Trying again...
debug: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug: Allocated local port 892.
debug: connect: Connection timed out
debug: Trying again...
debug: Connecting to xx.xx.xx.xx [xx.xx.xx.xx] port 22.
debug: Allocated local port 755.
debug: connect: No route to host
Secure connection to xx.xx.xx.xx refused; reverting to insecure method.
Using rsh. WARNING: Connection will not be encrypted.
/usr/bin/rsh xx.xx.xx.xx -l foobar
xx.xx.xx.xx: No route to host

I tried reading the FAQ and skimming the list archives, but nothing
jumped out at me. Anyone have any thoughts?
--
-------------------------------------------------------------------------------
Paul D. Smith <psmith at baynetworks.com> Network Management Development
"Please remain calm...I may be mad, but I am a professional." --Mad Scientist
-------------------------------------------------------------------------------
These are my opinions---Nortel Networks takes no responsibility for them.