SSH 2.2.0

Gary E. Miller gem at rellim.com
Thu Jun 22 08:21:23 EST 2000 

Yo All!

I have been playing with SSH 2.2.0 from www.ssh.com.  I can not
connect to openssh 2.2.1p1 using Ver 2 protocol from ssh Ver 2.2.0.
Ver 1 works fine.

See below for the debug output from both ends

If I force hmac-md5 (-m hmac-md5) from the sender it works!
The other 3 choices fail: hmac-sha1; hmac-md5-96; and none.

I have no problem connecting to this openssh host (hobbes) from
SeccureCRT Ver 3.1b2 or SSH V 2.0.13.

I also have no problem connecting from SecureCRT 3.1b2 to ssh 2.2.0
(after I select "Standard Server" on the client end).

Any ideas?

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701
	gem at rellim.com  Tel:+1(541)382-8588 Fax: +1(541)382-8676

[root at a ~]# ssh -V
ssh: SSH Secure Shell 2.2.0 (non-commercial version) on i686-pc-linux-gnu
[root at a ~]# ssh -v -l gem -p 4040 hobbes.rellim.com
debug: hostname is 'hobbes.rellim.com'.
debug: Unable to open /root/.ssh2/ssh2_config
debug: connecting to hobbes.rellim.com...
debug: entering event loop
debug: ssh_client_wrap: creating transport protocol
debug: SshAuthMethodClient/sshauthmethodc.c:99/ssh_client_authentication_initialize: Added "publickey" to usable methods.
debug: SshAuthMethodClient/sshauthmethodc.c:99/ssh_client_authentication_initialize: Added "password" to usable methods.
debug: Ssh2Client/sshclient.c:1097/ssh_client_wrap: creating userauth protocol
debug: Ssh2Common/sshcommon.c:350/ssh_common_wrap: local ip = 192.168.254.148, local port = 1034
debug: Ssh2Common/sshcommon.c:352/ssh_common_wrap: remote ip = 204.17.205.2, remote port = 4040
debug: SshConnection/sshconn.c:1853/ssh_conn_wrap: Wrapping...
debug: Ssh2Transport/trcommon.c:593/ssh_tr_input_version: Remote version: SSH-1.99-OpenSSH_2.1.1
debug: Remote version: SSH-1.99-OpenSSH_2.1.1
debug: SshUnixUserFiles/sshunixuserfiles.c:200/ssh_blob_read: file /root/.ssh2/hostkeys/key_4040_hobbes.rellim.com.pub does not exist.
debug: SshUnixUserFiles/sshunixuserfiles.c:200/ssh_blob_read: file /etc/ssh2/hostkeys/key_4040_hobbes.rellim.com.pub does not exist.
Host key not found from database.
Key fingerprint:
xodat-besid-vulot-nimet-hygyv-dovak-ryraf-cugiz-dazyl-tireg-bixox
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes
Host key saved to /root/.ssh2/hostkeys/key_4040_hobbes.rellim.com.pub
host key for hobbes.rellim.com, accepted by root Wed Jun 21 2000 15:07:20 -0700
debug: Ssh2Common/sshcommon.c:132/ssh_common_disconnect: DISCONNECT received: Message authentication check fails.
warning: Authentication failed.
debug: Ssh2/ssh2.c:76/client_disconnect: locally_generated = TRUE
Disconnected; MAC error (Message authentication check fails.).
debug: uninitializing event loop


On the other end:

hobbes:/usr/adm# sshd -p 4040 -d
debug: sshd version OpenSSH_2.1.1
debug: Seeding random number generator
debug: read DSA private key done
debug: Seeding random number generator
debug: Bind to port 4040 on 0.0.0.0.
Server listening on 0.0.0.0 port 4040.
Generating 768 bit RSA key.
debug: Seeding random number generator
debug: Seeding random number generator
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 216.200.191.195 port 1034
debug: Client protocol version 1.99; client software version 2.2.0 SSH Secure Shell (non-commercial)
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-1.99-OpenSSH_2.1.1
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour
debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour
debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,none
debug: got kexinit: hmac-sha1,hmac-md5,hmac-md5-96,none
debug: got kexinit: none,zlib
debug: got kexinit: none,zlib
debug: got kexinit: 
debug: got kexinit: 
debug: first kex follow: 1 
debug: reserved: 0 
debug: done
debug: kex: client->server 3des-cbc hmac-sha1 none
debug: kex: server->client 3des-cbc hmac-sha1 none
debug: Wait SSH2_MSG_KEXDH_INIT.
debug: bits set: 523/1024
debug: bits set: 505/1024
debug: sig size 20 20
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: done: KEX2.
Disconnecting: Corrupted HMAC on input.
debug: Calling cleanup 0x805f650(0x0)

More information about the openssh-unix-dev mailing list