Compatibility issue: OpenSSH v2.3.0p1 vs. 3.0.2: RSA keys

Ulrich Windl Ulrich.Windl at
Wed Mar 6 20:13:15 EST 2002

On 6 Mar 2002, at 9:29, Gert Doering wrote:

> Hi,
> On Wed, Mar 06, 2002 at 08:42:38AM +0100, Ulrich Windl wrote:
> > Password login worked fine, but a password for an existing and 
> > configured RSA1 key was never asked, the key never tried. It always 
> > fell back to plain password authentication.
> > 
> > After fiddling with the client configuration without success, I found 
> > out that using "ssh -1" made the client succeed.
> RSA1 keys won't be used on "-2" connections, they're protocol 1 only.
> So without "-1" you effectively do not *have* a key, and thus ssh won't
> ask you for a password.

However if you disable plain password in the client's configuration, no 
connection can be made using the auto-negotiated protocol, while the v1 
protocol would work just fine.

The problem seems to be that OpenSSH uses version numbers to decide 
about features, while an explicit feature list would be the way to go.
OpenSSH will never know all the implementations of the SSH protocol.


More information about the openssh-unix-dev mailing list