openssh 1.2.3-9.1 upgrade problem
today i noticed that openssh 1.2.3-9.1 for sparc was on security.debian.org, so i did an apt-get update and apt-get dselect-upgrade (from ssh 1:1.2.3-8.0.1). this appears to have been a bad decision. the only intervention required during the install was to state that i wanted to keep my current (working) sshd_config. after the server restarted, i was (and am) unable to log in using password auth. PasswordAuthentication is set to yes in sshd_config, the password is typed correctly, and i can successfully su to the user using this password. RhostsRSAAuthentication works...
the output from running sshd -d looks ok:
debug: sshd version OpenSSH-1.2.3
debug: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 192.168.128.169 port 794
debug: Client protocol version 1.5; client software version OpenSSH_2.2.0
debug: Sent 768 bit public key and 1024 bit host key.
debug: Encryption type: 3des
debug: Received session key; encryption turned on.
debug: Installing crc compensation attack detector.
debug: checking for shadow entry
debug: shadow entry found, verifying
debug: completed shadow checks
debug: Attempting authentication for dovienya.
Failed password for dovienya from 192.168.128.169 port 794
tried client version of SSH Version OpenSSH_2.2.0, protocol versions 1.5/2.0. and ssh: SSH Secure Shell 2.2.0 (non-commercial version) (1.2.x series)
have others noticed this? i've seen it on three sparclinux ultra1's at the moment, much to my chagrin. did i miss something important somewhere along the way? any help would be appreciated...
thanks!
andy
--
andy bezella "i'm easily distracted by shiny objects."
abezella@gmvnetwork.com - the tick
affiliation given for identification not representation
Reply to: