Bug#496746: pubkey auth non-functional on testing?
Package: openssh-client
Version: 1:5.1p1-2
Severity: normal
Hi,
after upgrading to the new openssh-* packages on Debian testing public
key auth is broken for me. It seems to be a client issue, since
it is independend of the ssh server version (Debian testing and stable):
liske@ijon:~$ slogin -v localhost
OpenSSH_5.1p1 Debian-2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/liske/.ssh/identity type -1
debug1: identity file /home/liske/.ssh/id_rsa type -1
debug1: identity file /home/liske/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: Remote protocol version 2.0, remote software version
OpenSSH_5.1p1 Debian-2
debug1: match: OpenSSH_5.1p1 Debian-2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'localhost' is known and matches the RSA host key.
debug1: Found key in /home/liske/.ssh/known_hosts:48
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /home/liske/.ssh/id_dsa
debug1: Server accepts key: pkalg ssh-dss blen 434
At this point the connection hangs. Using password authentication
works, "only" pubkey seems to be broken.
Regards,
Thomas Liske
-- System Information: Debian Release: lenny/sid
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-4-686 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssh-client depends on:
ii adduser 3.110 add and remove users and groups
ii debconf [debconf-2.0] 1.5.22 Debian configuration management sy
ii dpkg 1.14.20 Debian package management system
ii libc6 2.7-13 GNU C Library: Shared libraries
ii libcomerr2 1.41.0-3 common error description library
ii libedit2 2.11~20080614-1 BSD editline and history libraries
ii libkrb53 1.6.dfsg.4~beta1-3 MIT Kerberos runtime libraries
ii libncurses5 5.6+20080804-1 shared libraries for terminal hand
ii libssl0.9.8 0.9.8g-13 SSL shared libraries
ii passwd 1:4.1.1-3 change and administer password and
ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime
Versions of packages openssh-client recommends:
ii openssh-blacklist 0.4.1 list of default blacklisted OpenSS
pn openssh-blacklist-extra <none> (no description available)
ii xauth 1:1.0.3-2 X authentication utility
Versions of packages openssh-client suggests:
ii gtk-led-askpass [ssh-askpass] 0.10-2 GTK+ password dialog suitable for
pn keychain <none> (no description available)
ii libpam-ssh 1.91.0-9.3 enable SSO behavior for ssh and pa
ii ssh-askpass-gnome [ssh-askpas 1:5.1p1-2 interactive X program to prompt us
-- no debconf information
Reply to: