Heh?

Paul Wouters paul at xtdnet.nl
Wed Apr 4 21:02:10 EST 2001


On Tue, 3 Apr 2001, Niels Provos wrote:

> Paul, something is broken in your openssh install.

Definitely. But is it the client or the server?
I've sent it to the portable OpenSSH bug address.

I'm using OpenSSH 2.5.2p2-1.7 on a RedHat 7.0 with all updates.

Sometimes I can login fine, and sometimes I can't. It actually seems to
almost alternate, "success,failed,success,failed,success" because at
some point I thought it was a hostname problem (using host or FQDN), but
it isn't.

Traces of the two with ssh -v -l root:

Failed:

[root at bofh /root]# ssh -v -l root undoable.xtdnet.nl
OpenSSH_2.5.2p2, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to undoable.xtdnet.nl [213.160.202.1] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type 0
debug1: unknown identity file /root/.ssh/id_rsa
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.2p2
debug1: match: OpenSSH_2.5.2p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.5.2p2
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug1: got kexinit: ssh-rsa,ssh-dss
debug1: got kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug1: got kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug1: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit:
debug1: got kexinit:
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 123/256
debug1: bits set: 1013/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'undoable.xtdnet.nl' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts2:14
debug1: bits set: 992/2049
debug1: ssh_rsa_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is publickey
debug1: try privkey: /root/.ssh/id_rsa
debug1: try pubkey: /root/.ssh/id_dsa
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is password
root at undoable.xtdnet.nl's password:
debug1: ssh-userauth2 successful: method password
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: client_init id 0 arg 0
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: channel request 0: shell
debug1: channel 0: open confirm rwindow 0 rmax 16384
Last login: Wed Apr  4 20:46:55 2001 from node146c7.a2000.nl
debug1: client_input_channel_req: channel 0 rtype exit-signal reply 0
debug1: channel 0: rcvd eof
debug1: channel 0: output open -> drain
debug1: channel 0: rcvd close
debug1: channel 0: input open -> closed
debug1: channel 0: close_read
sh: /usr/X11R6/bin/xauth: No such file or directory
debug1: channel 0: obuf empty
debug1: channel 0: output drain -> closed
debug1: channel 0: close_write
debug1: channel 0: send close
debug1: channel 0: is dead
debug1: channel_free: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i8/0 o128/0 fd -1/-1)

Connection to undoable.xtdnet.nl closed.
debug1: Transferred: stdin 0, stdout 0, stderr 42 bytes in 0.1 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 324.8
debug1: Exit status -1
[root at bofh /root]#

Working:

[root at bofh /root]# ssh -v -l root undoable.xtdnet.nl
OpenSSH_2.5.2p2, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Seeding random number generator
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to undoable.xtdnet.nl [213.160.202.1] port 22.
debug1: Connection established.
debug1: identity file /root/.ssh/identity type 0
debug1: unknown identity file /root/.ssh/id_rsa
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.2p2
debug1: match: OpenSSH_2.5.2p2 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.5.2p2
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug1: got kexinit: ssh-rsa,ssh-dss
debug1: got kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug1: got kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,rijndael-cbc at lysator.liu.se
debug1: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit:
debug1: got kexinit:
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug1: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug1: dh_gen_key: priv key bits set: 137/256
debug1: bits set: 997/2049
debug1: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug1: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'undoable.xtdnet.nl' is known and matches the RSA host key.
debug1: Found key in /root/.ssh/known_hosts2:14
debug1: bits set: 1018/2049
debug1: ssh_rsa_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is publickey
debug1: try privkey: /root/.ssh/id_rsa
debug1: try pubkey: /root/.ssh/id_dsa
debug1: authentications that can continue: publickey,password
debug1: next auth method to try is password
root at undoable.xtdnet.nl's password:
debug1: ssh-userauth2 successful: method password
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: client_init id 0 arg 0
debug1: Requesting X11 forwarding with authentication spoofing.
debug1: channel request 0: shell
debug1: channel 0: open confirm rwindow 0 rmax 16384
Last login: Wed Apr  4 20:51:19 2001 from node146c7.a2000.nl
sh: /usr/X11R6/bin/xauth: No such file or directory
[root at undoable /root]#

On the server side I see just lots of:

Apr  4 20:49:25 undoable PAM_unix[6366]: (sshd) session closed for user root
Apr  4 20:50:54 undoable PAM_unix[6374]: (sshd) session opened for user root by (uid=0)
Apr  4 20:50:54 undoable PAM_unix[6374]: (sshd) session closed for user root
Apr  4 20:51:19 undoable PAM_unix[6379]: (sshd) session opened for user root by (uid=0)
Apr  4 20:51:19 undoable PAM_unix[6379]: (sshd) session closed for user root
Apr  4 20:51:32 undoable PAM_unix[6383]: (sshd) session opened for user root by (uid=0)

And in the secure log:

Apr  4 20:46:50 undoable sshd[6307]: Connection closed by 24.132.70.199
Apr  4 20:46:55 undoable sshd[6309]: Accepted password for ROOT from 24.132.70.199 port 62503 ssh2
Apr  4 20:48:01 undoable sshd[6335]: Did not receive identification string from 213.160.202.99.
Apr  4 20:48:03 undoable sshd[6333]: Connection closed by 24.132.70.199
Apr  4 20:48:53 undoable sshd[6338]: Accepted password for ROOT from 24.132.70.199 port 62505 ssh2
Apr  4 20:49:13 undoable sshd[6344]: Accepted password for ROOT from 24.132.70.199 port 62506 ssh2
Apr  4 20:49:25 undoable sshd[6366]: Accepted password for ROOT from 24.132.70.199 port 62508 ssh2
Apr  4 20:50:54 undoable sshd[6374]: Accepted password for ROOT from 24.132.70.199 port 62510 ssh2
Apr  4 20:51:19 undoable sshd[6379]: Accepted password for ROOT from 24.132.70.199 port 62511 ssh2
Apr  4 20:51:32 undoable sshd[6383]: Accepted password for ROOT from 24.132.70.199 port 62513 ssh2
Apr  4 20:53:03 undoable sshd[6412]: Did not receive identification string from 213.160.202.99.

I do notice the time is totally wrong, but after fixing that the problem didn't
go away either.

Cheers,

Paul
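
An added example, not part of the original post: a triage script that joins the two server-side logs by PID and lists sessions that PAM closed within a second of opening them, the pattern visible in the PAM excerpt above. It assumes the `PAM_unix[pid]` and `sshd[pid]` entries for one login share a PID (as they do in the quoted lines) and that all timestamps fall on the same day; the function and variable names are illustrative.

```python
import re
from collections import defaultdict

# Sample input: lines copied from the PAM and secure log excerpts in the post.
SAMPLE_LOG = """\
Apr  4 20:49:25 undoable PAM_unix[6366]: (sshd) session closed for user root
Apr  4 20:50:54 undoable PAM_unix[6374]: (sshd) session opened for user root by (uid=0)
Apr  4 20:50:54 undoable PAM_unix[6374]: (sshd) session closed for user root
Apr  4 20:51:19 undoable PAM_unix[6379]: (sshd) session opened for user root by (uid=0)
Apr  4 20:51:19 undoable PAM_unix[6379]: (sshd) session closed for user root
Apr  4 20:51:32 undoable PAM_unix[6383]: (sshd) session opened for user root by (uid=0)
Apr  4 20:48:01 undoable sshd[6335]: Did not receive identification string from 213.160.202.99.
Apr  4 20:49:25 undoable sshd[6366]: Accepted password for ROOT from 24.132.70.199 port 62508 ssh2
Apr  4 20:50:54 undoable sshd[6374]: Accepted password for ROOT from 24.132.70.199 port 62510 ssh2
Apr  4 20:51:19 undoable sshd[6379]: Accepted password for ROOT from 24.132.70.199 port 62511 ssh2
Apr  4 20:51:32 undoable sshd[6383]: Accepted password for ROOT from 24.132.70.199 port 62513 ssh2
"""

# Classic syslog line: "Mon DD HH:MM:SS host prog[pid]: message" (no year field).
LINE = re.compile(
    r"^\w{3}\s+\d+\s+(\d\d):(\d\d):(\d\d)\s+\S+\s+(sshd|PAM_unix)\[(\d+)\]:\s+(.*)$")
ACCEPTED = re.compile(r"Accepted (\S+) for (\S+) from (\S+) port \d+")

def short_sessions(log_text, max_seconds=1):
    """Return [(pid, user, source, seconds)] for sessions closed right after opening."""
    events = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        hh, mm, ss, prog, pid, msg = m.groups()
        when = int(hh) * 3600 + int(mm) * 60 + int(ss)  # seconds since midnight
        ev = events[int(pid)]
        acc = ACCEPTED.match(msg) if prog == "sshd" else None
        if acc:
            ev["method"], ev["user"], ev["src"] = acc.groups()
        elif prog == "PAM_unix" and "session opened" in msg:
            ev["opened"] = when
        elif prog == "PAM_unix" and "session closed" in msg:
            ev["closed"] = when
    flagged = []
    for pid in sorted(events):
        ev = events[pid]
        if "opened" not in ev or "closed" not in ev:
            continue  # incomplete pair: excerpt cut off, or session still open
        duration = ev["closed"] - ev["opened"]
        if 0 <= duration <= max_seconds:
            flagged.append((pid, ev.get("user"), ev.get("src"), duration))
    return flagged
```

On the sample lines this flags PIDs 6374 and 6379; 6366 is skipped because its "opened" line is outside the excerpt, and 6383 because it has no "closed" line.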




More information about the openssh-unix-dev mailing list