[Bug 342] New: RhostsRSAAuthentication does not work with 3.4p1

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Tue Jul 9 03:22:58 EST 2002 

http://bugzilla.mindrot.org/show_bug.cgi?id=342

           Summary: RhostsRSAAuthentication does not work with 3.4p1
           Product: Portable OpenSSH
           Version: -current
          Platform: ix86
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: ssh
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: hinsen at cnrs-orleans.fr


After upgrading our machines (all running RedHat Linux 7.1) to OpenSSH 3.4p1,
connections using RhostsRSAAuthentication seem to be impossible. ssh does not
even try this mode of authentication, even when it is the only one enabled in
the configuration file.

This is my ssh_config:

Host *
        ForwardX11 yes
        Protocol 1,2
        RhostsAuthentication no
        RhostsRSAAuthentication yes
        HostbasedAuthentication yes
        RSAAuthentication no
        PasswordAuthentication no

And this is my sshd_config:

IgnoreUserKnownHosts yes
X11Forwarding yes
RhostsAuthentication no
RhostsRSAAuthentication yes
HostbasedAuthentication no
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
Subsystem       sftp    /usr/libexec/openssh/sftp-server

Finally, the protocol of running "ssh -v chinon" (chinon being the name of a
computer) between two machines with identical ssh configurations and which are
in each other's "known hosts" list:

OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to chinon [163.9.6.107] port 22.
debug1: Connection established.
debug1: identity file /users1/hinsen/.ssh/identity type 0
debug1: identity file /users1/hinsen/.ssh/id_rsa type -1
debug1: identity file /users1/hinsen/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'chinon' is known and matches the RSA1 host key.
debug1: Found key in /etc/ssh/ssh_known_hosts:3
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
Permission denied.
debug1: Calling cleanup 0x80651d0(0x0)



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the openssh-unix-dev mailing list