Bug#710258: openssh-client: cannot connect with some config (regression)

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#710258: openssh-client: cannot connect with some config (regression)
From: Vincent Lefevre <vincent@vinc17.net>
Date: Wed, 29 May 2013 13:28:54 +0200
Message-id: <20130529112854.GA20126@ypig.lip.ens-lyon.fr>
Reply-to: Vincent Lefevre <vincent@vinc17.net>, 710258@bugs.debian.org

Package: openssh-client
Version: 1:6.2p2-3
Severity: important

There's a regression in openssh-client. I can no longer connect to
some account.

In particular, I have the following in my .ssh/config file:

IdentityFile ~/.ssh/id_rsa-internal
IdentityFile ~/.ssh/id_rsa

Host ens ssh.ens-lyon.fr
  Hostname ssh.ens-lyon.fr
  User vlefevre
  ProxyCommand none
  StrictHostKeyChecking yes

Host *.ens-lyon.fr
  User vlefevre
  StrictHostKeyChecking yes

$ ssh ens
no such identity: /home/vlefevre/.ssh/id_rsa-internal: No such file or directory
Permission denied (publickey,keyboard-interactive).

$ ssh -v ens
OpenSSH_6.2p2 Debian-3, OpenSSL 1.0.1e 11 Feb 2013
debug1: Reading configuration data /home/vlefevre/.ssh/config
debug1: /home/vlefevre/.ssh/config line 222: Applying options for ens
debug1: /home/vlefevre/.ssh/config line 378: Applying options for *
debug1: Control socket "/tmp/ssh-ssh.ens-lyon.fr-22-vlefevre" does not exist
debug1: Connecting to ssh.ens-lyon.fr [140.77.51.8] port 22.
debug1: Connection established.
debug1: identity file /home/vlefevre/.ssh/id_rsa-internal type -1
debug1: identity file /home/vlefevre/.ssh/id_rsa-internal-cert type -1
debug1: identity file /home/vlefevre/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/vlefevre/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2p2 Debian-3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.0p1 Debian-4
debug1: match: OpenSSH_6.0p1 Debian-4 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-md5 none
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: RSA 1f:2a:11:b7:75:21:39:71:8c:b3:21:2d:52:c5:21:64
debug1: Host 'ssh.ens-lyon.fr' is known and matches the RSA host key.
debug1: Found key in /home/vlefevre/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/vlefevre/.ssh/id_rsa
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering RSA public key: /home/vlefevre/.ssh/id_rsa-mutt
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Offering RSA public key: /home/vlefevre/.ssh/id_rsa-svn
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Trying private key: /home/vlefevre/.ssh/id_rsa-internal
no such identity: /home/vlefevre/.ssh/id_rsa-internal: No such file or directory
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: No more authentication methods to try.
Permission denied (publickey,keyboard-interactive).

But using "ssh ssh.ens-lyon.fr" is OK. Why?

Note: indeed, /home/vlefevre/.ssh/id_rsa-internal doesn't exist,
but why should this be a problem?

-- System Information:
Debian Release: jessie/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.8-2-amd64 (SMP w/8 CPU cores)
Locale: LANG=POSIX, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openssh-client depends on:
ii  adduser           3.113+nmu3
ii  dpkg              1.16.10
ii  libc6             2.17-3
ii  libedit2          2.11-20080614-5
ii  libgssapi-krb5-2  1.10.1+dfsg-6
ii  libselinux1       2.1.13-2
ii  libssl1.0.0       1.0.1e-3
ii  passwd            1:4.1.5.1-1
ii  zlib1g            1:1.2.8.dfsg-1

Versions of packages openssh-client recommends:
ii  xauth  1:1.0.7-1

Versions of packages openssh-client suggests:
pn  keychain                 <none>
pn  libpam-ssh               <none>
pn  monkeysphere             <none>
ii  openssh-blacklist        0.4.1+nmu1
ii  openssh-blacklist-extra  0.4.1+nmu1
pn  ssh-askpass              <none>

-- no debconf information

Reply to:

Follow-Ups:
- Bug#710258: marked as done (openssh-client: cannot connect with some config (regression))
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Bug#708372: don't say "100%" until the file is really fully transmitted
Next by Date: Bug#710258: marked as done (openssh-client: cannot connect with some config (regression))
Previous by thread: Re: Cloud hosting voor uw website
Next by thread: Bug#710258: marked as done (openssh-client: cannot connect with some config (regression))
Index(es):
- Date
- Thread