PubkeyAuthentication broken because ssh cannot read its identity keys

elf at buici.com
Sat May 11 15:57:26 EST 2002


This is a copy of the bug report I sent to Debian.

Package: ssh
Version: 1:3.0.2p1-9
Severity: important

I want to be able to login between two hosts without entering
passwords.  

  ssh-keygen -t dsa
  * Copy key to other machine
  cat id_dsa.pub >> .ssh/authorized_keys
  chmod 600 .ssh/authorized_keys
  
Trouble is that the originating host appears unable to parse its own
keys.  This is the debug output from the machine that successfully
performs the password-free login:

debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/elf/.ssh/identity type 0
debug1: identity file /home/elf/.ssh/id_rsa type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/elf/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.0.2p1 Debian 1:3.0.2p1-9

The other host reports differently:

debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/elf/.ssh/identity type 0
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/elf/.ssh/id_dsa type 2
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/elf/.ssh/id_rsa type 1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.0.2p1 Debian 1:3.0.2p1-9

Note that I'm using the id_dsa key for authentication.

Here is the dsa key and no, I'm not concerned about being
compromised. 





-- System Information
Debian Release: 3.0
Kernel Version: Linux cerise 2.4.18 #15 Fri May 10 00:26:54 PDT 2002 i686 unknown

Versions of the packages ssh depends on:
ii  debconf        1.0.32         Debian configuration management system
ii  libc6          2.2.5-6        GNU C Library: Shared libraries and Timezone
ii  libpam-modules 0.72-35        Pluggable Authentication Modules for PAM
ii  libpam0g       0.72-35        Pluggable Authentication Modules library
ii  libssl0.9.6    0.9.6c-2       SSL shared libraries
ii  libwrap0       7.6-9          Wietse Venema's TCP wrappers library
ii  zlib1g         1.1.4-1        compression library - runtime

--- Begin /etc/ssh/ssh_config (modified conffile)
Host *
  ForwardX11 yes 

--- End /etc/ssh/ssh_config

--- Begin /etc/ssh/moduli (modified conffile)
Config file not present or no permissions for access

--- End /etc/ssh/moduli

--- Begin /etc/init.d/ssh (modified conffile)
Config file not present or no permissions for access

--- End /etc/init.d/ssh
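
Added example, not part of the original post: a small Python helper that compares the identity-file lines of two `ssh -v` traces and lists the files that loaded differently. The function names are hypothetical; the type-code names, and the attribution of each `key_type_from_name` message to the identity file logged after it, are assumptions based on OpenSSH 3.x behaviour.

```python
import re

# Constructed input: identity-related lines copied from the two traces in the post.
WORKING_HOST = """\
debug1: identity file /home/elf/.ssh/identity type 0
debug1: identity file /home/elf/.ssh/id_rsa type -1
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/elf/.ssh/id_dsa type 2
"""
OTHER_HOST = """\
debug1: identity file /home/elf/.ssh/identity type 0
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/elf/.ssh/id_dsa type 2
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug2: key_type_from_name: unknown key type '-----END'
debug1: identity file /home/elf/.ssh/id_rsa type 1
"""

# Assumption: codes follow the OpenSSH 3.x key type enum; -1 means no key was loaded.
TYPE_NAMES = {-1: "not loaded", 0: "RSA1", 1: "RSA", 2: "DSA"}
IDENT = re.compile(r"debug1: identity file (\S+) type (-?\d+)\s*$")
UNKNOWN = re.compile(r"debug2: key_type_from_name: unknown key type '(.*)'\s*$")

def parse_identities(trace):
    """Map each identity path to (type code, unknown-key-type tokens logged before it)."""
    found, pending = {}, []
    for line in trace.splitlines():
        if (m := UNKNOWN.match(line.strip())):
            pending.append(m.group(1))
        elif (m := IDENT.match(line.strip())):
            found[m.group(1)] = (int(m.group(2)), pending)
            pending = []
    return found

def type_name(code):
    return "absent from trace" if code is None else TYPE_NAMES.get(code, f"type {code}")

def diff_identities(trace_a, trace_b):
    """Return (path, result_a, result_b) for identity files that loaded differently."""
    a, b = parse_identities(trace_a), parse_identities(trace_b)
    rows = []
    for path in sorted(set(a) | set(b)):
        code_a = a.get(path, (None,))[0]
        code_b = b.get(path, (None,))[0]
        if code_a != code_b:
            rows.append((path, type_name(code_a), type_name(code_b)))
    return rows
```

Run on the two traces quoted above, `diff_identities` returns a single row, for `/home/elf/.ssh/id_rsa`; `id_dsa` is logged as type 2 on both hosts.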




