Rhosts Auth Issues with OpenSSH 2.9p1 on Solaris 2.7

Jeff Newton Jeff_Newton at pmc-sierra.com
Thu May 3 15:23:26 EST 2001 

I've installed OpenSSH 2.9p1 on Solaris 2.7 and I am trying to get rhost
authentication working.  Something appears to be wrong with the client
side as I can do rhost auth with a ssh1.2.27 client.  Any help would be
appreciated.

/opt/openssh-2.9p1/etc/ssh_config is:

ForwardX11 yes
RhostsAuthentication yes

/opt/openssh-2.9p1/etc/sshd_config is:

Port 22
IgnoreRhosts no
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
KeepAlive yes
SyslogFacility AUTH
LogLevel INFO
RhostsAuthentication yes
RhostsRSAAuthentication no
HostbasedAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
Subsystem       sftp    /opt/openssh-2.9p1/libexec/sftp-server


Permissions:

newton at nighthawk [29] ls -l /opt/ssh/bin
total 23282
-rwxr-xr-x   1 root     other     355856 May  2 21:30 scp
-rwxr-xr-x   1 root     other     749044 May  2 21:30 sftp
lrwxrwxrwx   1 root     other          3 May  2 21:30 slogin -> ssh
-rws--x--x   1 root     other    3936684 May  2 21:30 ssh
-rwxr-xr-x   1 root     other    2004800 May  2 21:30 ssh-add
-rwxr-xr-x   1 root     other    1703916 May  2 21:30 ssh-agent
-rwxr-xr-x   1 root     other    2009980 May  2 21:30 ssh-keygen
-rwxr-xr-x   1 root     other    1073612 May  2 21:30 ssh-keyscan


When I run ssh -v I notice that Rhosts Auth is disabled.  Regardless if
I change this setting in ssh_config or not.  Trying to force Protocol 1
in either ssh_config or sshd_config has no effect.  Is this a bug with
OpenSSH-2.9p1 or am I doing something else wrong?

Here is some output:

newton at nighthawk [28] /opt/ssh/bin/ssh -v nighthawk
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /opt/openssh-2.9p1/etc/ssh_config
debug1: Seeded RNG with 42 bytes from programs
debug1: Seeded RNG with 3 bytes from system calls
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1412 geteuid 0 anon 1
debug1: Connecting to nighthawk [134.87.114.11] port 22.
debug1: temporarily_use_uid: 1412/67 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 1412/67 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/cs/newton/.ssh/identity type -1
debug1: Remote protocol version 1.5, remote software version
OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'nighthawk' is known and matches the RSA1 host key.
debug1: Found key in /home/cs/newton/.ssh/known_hosts:6
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.
newton at nighthawk's password: 

Now here is output using ssh 1.2.27 client:

newton at nighthawk [30] /opt/ssh1/bin/ssh -v nighthawk 
SSH Version 1.2.27 [sparc-sun-solaris2.7], protocol version 1.5.
Standard version.  Does not use RSAREF.
nighthawk: Reading configuration data /opt/ssh1/etc/ssh_config
nighthawk: ssh_connect: getuid 1412 geteuid 0 anon 0
nighthawk: Connecting to nighthawk [134.87.114.11] port 22.
nighthawk: Allocated local port 1011.
nighthawk: Connection established.
nighthawk: Remote protocol version 1.5, remote software version
OpenSSH_2.9p1
nighthawk: Waiting for server public key.
nighthawk: Received server public key (768 bits) and host key (1024
bits).
nighthawk: Host 'nighthawk' is known and matches the host key.
nighthawk: Initializing random; seed file
/home/cs/newton/.ssh/random_seed
nighthawk: IDEA not supported, using 3des instead.
nighthawk: Encryption type: 3des
nighthawk: Sent encrypted session key.
nighthawk: Installing crc compensation attack detector.
nighthawk: Received encrypted confirmation.
nighthawk: Trying rhosts authentication.
nighthawk: Remote: Accepted by .shosts.
nighthawk: Requesting pty.
nighthawk: Requesting shell.
nighthawk: Entering interactive session.
Last login: Wed May  2 22:12:29 2001 from nighthawk
Sun Microsystems Inc.   SunOS 5.7       Generic October 1998
Sun Microsystems Inc.   SunOS 5.7       Generic October 1998
You have mail.

Cheers,

Jeff Newton

More information about the openssh-unix-dev mailing list