ssh-agent and ssh2 servers...

Michael Alan Dorman mdorman at debian.org
Tue Sep 19 08:38:04 EST 2000


I'm not on the mailing list, so I'd appreciate it if you could cc: me,
though I will keep an eye on the archives.

I am running openssh 2.2.0p1 on Debian GNU/Linux.  I was pleased to
see that 2.2.0p1 had support for DSA keys in the agent, and I have
successfully used the v2 protocol to another openssh server with the
agent providing authentication.

I am also able to successfully connect to an ssh.com-2.1.0 server
using DSA authentication, but the ssh-agent doesn't seem to provide
authentication in this instance.

Trying to figure out if this was just my issue or a genuine bug, I
found the following comment in the cvs log of ssh-agent.c:

  add SSH2/DSA support to the agent and some other DSA related
  cleanups.  (note that we cannot talk to ssh.com's ssh2 agents)

It is not clear to me if this comment is intended to mean that openssh
can't talk to the ssh-agent from ssh2 (which wouldn't surprise me a
bit), or if it should really read "(note that we cannot talk to
ssh.com's ssh2 servers)"

My question may be a result of me misunderstanding how the agent
works, but at first glance it would seem that if ssh-agent is able to
handle authenticating to another openssh server using the v2 protocol,
then it ought to work with an ssh.com server using the v2 protocol.

Could someone clarify whether this is a issue with the openssh agent,
or perhaps a bug in what _is_ an older version of ssh.com's ssh?  And
if it's an issue with the openssh agent, is there any possibility of
it being resolved, or does ssh.com's server use some sort of
proprietary protocol that makes interoperability impossible?

I appreciate any information anyone can provide.

Mike





More information about the openssh-unix-dev mailing list