SSH connection hang after upgrade
John DeStefano
john.destefano at gmail.com
Sat Jun 21 06:00:16 EST 2008
On Jun 20, 2008, at 2:54 PM, Ben Lindstrom wrote:
> There is a difference between a RSA1 key (RSA for ssh v1 protocol)
> and an RSA key (RSA for ssh v2 protocol). So that has nothing to do
> with what you are seeing.
> - Ben
OK; thanks ... but if 'Protocol 2' is specified in sshd_config, should
sshd be looking for an 'RSA1 key'? And why would it look at .ssh/
id_rsa instead of looking for .ssh/identity, which doesn't exist on my
system but I believe is the file used for SSH v1 RSA? Is there a way
to prevent it from doing so?
Thanks,
~John
> On Fri, 20 Jun 2008, John DeStefano wrote:
>
>> Hello,
>>
>> Any help, please? Could this possibly be a bug with 'portable'
>> OpenSSH 5.0p_1 on Mac OS X 10.5.3? I don't understand why the daemon
>> is saying my private key is "Not a RSA1 key file" when it _is_ a
>> valid
>> RSA key file ... or why the daemon is trying to read the private key
>> in the first place: as long as the SSH Agent is working properly,
>> shouldn't it be the _public_ key it looks for?
>>
>> Thanks,
>> ~John
>>
>> On Jun 18, 2008, at 6:16 PM, John DeStefano wrote:
>>
>>> I recently had to upgrade my version of OpenSSH from 4.7 to 5.0p1 on
>>> my
>>> MacBook (Darwin). I installed the latest 'portable' tarball and
>>> removed the system version:
>>> $ ssh -V
>>> OpenSSH_5.0p1, OpenSSL 0.9.7l 28 Sep 2006
>>> $ which ssh
>>> /usr/bin/ssh
>>>
>>> sshd is the same version, installed in /usr/sbin/sshd. Now, things
>>> are
>>> a bit broken: I am able to ssh from another machine into my MacBook,
>>> so the server (sshd) is working, but the outgoing client (ssh) hangs
>>> indefinitely on connect. ssh-add also hangs on any operation. ssh-
>>> agent shows:
>>> SSH_AUTH_SOCK=/tmp/ssh-35xNGanxBs/agent.2282; export SSH_AUTH_SOCK;
>>> SSH_AGENT_PID=2283; export SSH_AGENT_PID;
>>> echo Agent pid 2283;
>>>
>>> The interesting bits from an 'ssh -vvv localhost' session are:
>>> ...
>>> debug3: Not a RSA1 key file /Users/jd/.ssh/id_rsa.
>>> debug2: key_type_from_name: unknown key type '-----BEGIN'
>>> debug3: key_read: missing keytype
>>> debug2: key_type_from_name: unknown key type 'Proc-Type:'
>>> debug3: key_read: missing keytype
>>> debug2: key_type_from_name: unknown key type 'DEK-Info:'
>>> debug3: key_read: missing keytype
>>> debug3: key_read: missing whitespace
>>> ...
>>> debug3: key_read: missing whitespace
>>> debug2: key_type_from_name: unknown key type '-----END'
>>> debug3: key_read: missing keytype
>>>
>>> The ssh connection attempt just hangs and sits at:
>>> ...
>>> debug2: service_accept: ssh-userauth
>>> debug1: SSH2_MSG_SERVICE_ACCEPT received
>>>
>>> I don't know why the error 'Not a RSA1 key file' comes up, as my
>>> private key (id_rsa) remains unchanged and begins:
>>> -----BEGIN RSA PRIVATE KEY-----
>>> Proc-Type: 4,ENCRYPTED
>>> DEK-Info: DES-EDE3-CBC,...
>>>
>>> Other points of interest:
>>> 'ssh-keygen -B' correctly identifies my private key and returns what
>>> appears to be a valid bubble-babble digest, beginning with
>>> '1024 ...'
>>> 'ssh-keygen -l' correctly identifies my private key and returns what
>>> appears to be a valid fingerprint, beginning with '1024 ...'
>>> 'ssh-keygen -y' correctly identifies my private key, asks for my
>>> pass phrase, and returns my public key, beginning with 'ssh-rsa ...'
>>> I haven't knowingly enabled any RSA-related settings in sshd_config,
>>> and HostKey remains commented out.
>>>
>>> Any thoughts on what may be wrong, whether this is a bug or
>>> something I've screwed up, or what else I can try?
>>>
>>> Thanks,
>>> ~John
>>
>> _______________________________________________
>> openssh-unix-dev mailing list
>> openssh-unix-dev at mindrot.org
>> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
>>
More information about the openssh-unix-dev
mailing list