one host only: ssh_dispatch_run_fatal
Harry Putnam
reader at newsguy.com
Wed Nov 9 11:34:18 AEDT 2016
Darren Tucker <dtucker at zip.com.au> writes:
> On Wed, Nov 9, 2016 at 12:02 AM, Harry Putnam <reader at newsguy.com> wrote:
>> Darren Tucker <dtucker at zip.com.au> writes:
> [...]
>>> Can you tell me more about the server? You said it's Solaris, but is
>>> it SPARC or x86? What OpenSSL version is it?
>> uname -a SunOS 2x 5.11 oi_151a9 i86pc i386 i86pc
> [...]
>> Running OpenSSH_6.6, OpenSSL 1.0.1u 22 Sep 2016.
>
> I built my 6.6p1 with OpenSSL 1.0.1u but still failed to reproduce the problem.
>
>> Provided from the OpenCSW project that builds some solaris pkgs.
>>
>> The last line of sshd_config must be the killer:
>> `kexAlgorithms diffie-hellman-group-exchange-sha1'
>
> diffie-hellman-group-exchange-sha1 is one of the oldest kex methods
> (>10 years) so I'm surprised that it is related to the problem.
>
> There's still a problem in there somewhere, but at this stage I have
> no idea where it is (openssh, openssl, libraries, compiler,
> toolchain...)
I kind of hid some info in the message you are replying to above, below
the ssh -vv output. Maybe you didn't notice it.
After removing the diffie hellman line, (it was not in the sshd_config
as installled but something I had added way back)I was able to return
to 7.3_p1-r7 the gentoo monified version that started this thread with
no problems at all.
So for the benefit of any searchers who stumble across this thread,
removing that line seems to have removed the problem that was causing
my gentoo host to fail when connecting to my solaris host.
Now, I'm back where all lan hosts can talk to each other over ssh.
Thanks for helping me sort that out... I've been hassling with it for
a good while, and probably would have continued to stumble around a
good while longer without your clear thinking and guidance.
More information about the openssh-unix-dev
mailing list