openssh upgrading.

Nico Kadel-Garcia nkadel at gmail.com
Sat Nov 15 12:15:08 EST 2014


On Fri, Nov 14, 2014 at 1:32 PM, Chandra Kumara
<chandra.kumara at shipxpress.com> wrote:
> Hi Openssh support,
>
>
>
> I have upgraded openssh from 5.3p1 to 6.2p2 in a RHEL 6.6 - 64 bit server
> and now i can't login to server remotely using same root password. It always
> prompting the password saying  "Permission denied, please try again."

I just tried the 6.7p1 tarball with this procedure. Seems to work
fine. The .spec file is missing the BuildRequires dependency of
"/usr/bin/xmkmf" in the dependencies for the openssh-x11-aspass
module, but othewise seems to work fine.


> Please help me to resolve the issue.
>
>
>
> Following are the steps i have followd.
>
>
>
> ----------------------------------------------------------------
>
> [root at test ~]# ssh -V
>
> OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013
>
>
>
> [root at test ~]# cat /etc/redhat-release
>
> Red Hat Enterprise Linux Server release 6.6 (Santiago)
>
>
>
> [root at test ~]# rpm -qa |grep openssh
>
> openssh-server-5.3p1-104.el6.x86_64
>
> openssh-clients-5.3p1-104.el6.x86_64
>
> openssh-5.3p1-104.el6.x86_64
>
>
>
> yum install rpm-build
>
> yum install gcc glibc-devel pam-devel libX11-devel krb5-devel zlib-devel
>
> yum install openssh-devel openssl-devel tcp_wrappers-devel libXt-devel imake
> gtk2-devel
>
>
>
> wget http://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/openssh-6.2p2.tar.gz
>
> wget
> http://pkgs.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar.
> gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz
>
>
>
> tar zxvf openssh-6.2p2.tar.gz
>
> cp openssh-6.2p2/contrib/redhat/openssh.spec .
>
> rpmbuild -bb openssh.spec
>
>
>
> cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/
>
> cp openssh-6.2p2.tar.gz /root/rpmbuild/SOURCES/
>
> cp openssh.spec /root/rpmbuild/SOURCES/
>
>
>
> rpmbuild -bb openssh.spec
>
>
>
> cd /root/rpmbuild/RPMS/x86_64/
>
> rpm -Uvh *
>
> /etc/init.d/sshd restart
>
>
>
> [root at test ~]# rpm -qa |grep openss
>
> openssl-devel-1.0.1e-30.el6_6.4.x86_64
>
> openssh-server-6.2p2-1.x86_64
>
> openssl-1.0.1e-30.el6_6.4.x86_64
>
> openssh-askpass-gnome-6.2p2-1.x86_64
>
> openssh-debuginfo-6.2p2-1.x86_64
>
> openssh-6.2p2-1.x86_64
>
> openssh-clients-6.2p2-1.x86_64
>
>
>
>
>
> [root at plutotest .ssh]# ssh -v root at 192.168.0.38
>
> OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
>
> debug1: Reading configuration data /etc/ssh/ssh_config
>
> debug1: Applying options for *
>
> debug1: Connecting to 192.168.0.38 [192.168.0.38] port 22.
>
> debug1: Connection established.
>
> debug1: permanently_set_uid: 0/0
>
> debug1: identity file /root/.ssh/identity type -1
>
> debug1: identity file /root/.ssh/identity-cert type -1
>
> debug1: identity file /root/.ssh/id_rsa type -1
>
> debug1: identity file /root/.ssh/id_rsa-cert type -1
>
> debug1: identity file /root/.ssh/id_dsa type -1
>
> debug1: identity file /root/.ssh/id_dsa-cert type -1
>
> debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2
>
> debug1: match: OpenSSH_6.2 pat OpenSSH*
>
> debug1: Enabling compatibility mode for protocol 2.0
>
> debug1: Local version string SSH-2.0-OpenSSH_5.3
>
> debug1: SSH2_MSG_KEXINIT sent
>
> debug1: SSH2_MSG_KEXINIT received
>
> debug1: kex: server->client aes128-ctr hmac-md5 none
>
> debug1: kex: client->server aes128-ctr hmac-md5 none
>
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
>
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
>
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
>
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
>
> debug1: Host '192.168.0.38' is known and matches the RSA host key.
>
> debug1: Found key in /root/.ssh/known_hosts:9
>
> debug1: ssh_rsa_verify: signature correct
>
> debug1: SSH2_MSG_NEWKEYS sent
>
> debug1: expecting SSH2_MSG_NEWKEYS
>
> debug1: SSH2_MSG_NEWKEYS received
>
> debug1: SSH2_MSG_SERVICE_REQUEST sent
>
> debug1: SSH2_MSG_SERVICE_ACCEPT received
>
> debug1: Authentications that can continue:
> publickey,gssapi-with-mic,password
>
> debug1: Next authentication method: gssapi-with-mic
>
> debug1: Unspecified GSS failure.  Minor code may provide more information
>
> Cannot determine realm for numeric host address
>
>
>
> debug1: Unspecified GSS failure.  Minor code may provide more information
>
> Cannot determine realm for numeric host address
>
>
>
> debug1: Unspecified GSS failure.  Minor code may provide more information
>
>
>
>
>
> debug1: Unspecified GSS failure.  Minor code may provide more information
>
> Cannot determine realm for numeric host address
>
>
>
> debug1: Next authentication method: publickey
>
> debug1: Trying private key: /root/.ssh/identity
>
> debug1: Trying private key: /root/.ssh/id_rsa
>
> debug1: Trying private key: /root/.ssh/id_dsa
>
> debug1: Next authentication method: password
>
> root at 192.168.0.38's password:
>
> debug1: Authentications that can continue:
> publickey,gssapi-with-mic,password
>
> Permission denied, please try again.
>
> root at 192.168.0.38's password:
>
> ----------------------------------------------------------------
>
> Regards,
>
> Chandra Kumara, SSA
>
> ShipXpress.
>
> 2315 Beach Blvd - Suite 104 || Jacksonville Beach, FL 32250
>
> phone: +94 11 2826814/15 || website:  <http://www.shipxpress.com/>
> http://www.shipxpress.com
>
>
>
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


More information about the openssh-unix-dev mailing list