Your message dated Sun, 25 May 2008 21:06:35 +0100 with message-id <20080525200635.GT16645@riva.ucam.org> and subject line Re: Bug#481232: mysterious DSAAuthentication option found has caused the Debian Bug report #481232, regarding mysterious DSAAuthentication option found to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 481232: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481232 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: mysterious DSAAuthentication option found
- From: martin f krafft <madduck@debian.org>
- Date: Wed, 14 May 2008 18:57:58 +0100
- Message-id: <[🔎] 20080514175758.GA7561@lapse.madduck.net>
Package: openssh-client Version: 1:4.7p1-8 Severity: normal I found the DSAAuthentication option in my .ssh/config, which is not or no longer documented in ssh_config(5). What's weird is that after removing all my DSA keys and using RSA for everything, setting it to no prevents logins. It appears that it has to be set to yes. Sounds fishy... -- System Information: Debian Release: lenny/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental') Architecture: i386 (i686) Kernel: Linux 2.6.24-1+scoflowctrl.1-686 (SMP w/1 CPU core) Locale: LANG=en_GB, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages openssh-client depends on: ii adduser 3.107 add and remove users and groups ii debconf [debconf-2.0] 1.5.21 Debian configuration management sy ii dpkg 1.14.19 package maintenance system for Deb ii libc6 2.7-11 GNU C Library: Shared libraries ii libcomerr2 1.40.8-2 common error description library ii libedit2 2.9.cvs.20050518-4 BSD editline and history libraries ii libkrb53 1.6.dfsg.3-2 MIT Kerberos runtime libraries ii libncurses5 5.6+20080503-1 Shared libraries for terminal hand ii libssl0.9.8 0.9.8g-10 SSL shared libraries ii passwd 1:4.1.1-1 change and administer password and ii zlib1g 1:1.2.3.3.dfsg-12 compression library - runtime Versions of packages openssh-client recommends: ii xauth 1:1.0.3-1 X authentication utility -- no debconf information -- .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, author, administrator, and user `. `'` http://people.debian.org/~madduck - http://debiansystem.info `- Debian - when you have better things to do than fixing systemsAttachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)
--- End Message ---
--- Begin Message ---
- To: 481232-done@bugs.debian.org
- Subject: Re: Bug#481232: mysterious DSAAuthentication option found
- From: Colin Watson <cjwatson@debian.org>
- Date: Sun, 25 May 2008 21:06:35 +0100
- Message-id: <20080525200635.GT16645@riva.ucam.org>
- In-reply-to: <[🔎] 20080514175758.GA7561@lapse.madduck.net>
- References: <[🔎] 20080514175758.GA7561@lapse.madduck.net>
On Wed, May 14, 2008 at 06:57:58PM +0100, martin f krafft wrote: > I found the DSAAuthentication option in my .ssh/config, which is not > or no longer documented in ssh_config(5). What's weird is that after > removing all my DSA keys and using RSA for everything, setting it to > no prevents logins. It appears that it has to be set to yes. Sounds > fishy... It's an alias for PubkeyAuthentication, presumably dating from a time when only DSA was supported for SSH protocol 2 (at a guess). Turning that off will indeed prevent authentication if you're relying on it, as many people do. I assume it's no longer documented because it doesn't make a lot of sense under that name any more! Cheers, -- Colin Watson [cjwatson@debian.org]
--- End Message ---