[Bug 342] New: RhostsRSAAuthentication does not work with 3.4p1
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Tue Jul 9 03:22:58 EST 2002
http://bugzilla.mindrot.org/show_bug.cgi?id=342
Summary: RhostsRSAAuthentication does not work with 3.4p1
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: hinsen at cnrs-orleans.fr
After upgrading our machines (all running RedHat Linux 7.1) to OpenSSH 3.4p1,
connections using RhostsRSAAuthentication seem to be impossible. ssh does not
even try this mode of authentication, even when it is the only one enabled in
the configuration file.
This is my ssh_config:
Host *
ForwardX11 yes
Protocol 1,2
RhostsAuthentication no
RhostsRSAAuthentication yes
HostbasedAuthentication yes
RSAAuthentication no
PasswordAuthentication no
And this is my sshd_config:
IgnoreUserKnownHosts yes
X11Forwarding yes
RhostsAuthentication no
RhostsRSAAuthentication yes
HostbasedAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
Subsystem sftp /usr/libexec/openssh/sftp-server
Finally, the protocol of running "ssh -v chinon" (chinon being the name of a
computer) between two machines with identical ssh configurations and which are
in each other's "known hosts" list:
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to chinon [163.9.6.107] port 22.
debug1: Connection established.
debug1: identity file /users1/hinsen/.ssh/identity type 0
debug1: identity file /users1/hinsen/.ssh/id_rsa type -1
debug1: identity file /users1/hinsen/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'chinon' is known and matches the RSA1 host key.
debug1: Found key in /etc/ssh/ssh_known_hosts:3
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
Permission denied.
debug1: Calling cleanup 0x80651d0(0x0)
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-unix-dev
mailing list