Re: ssh
--- Marcelo Leal <leal@procergs.rs.gov.br> (2002-03-15 12:40):
> On Thu, 2002-03-14 at 23:18, Sean Quinlan wrote:
> > --- Marcelo Leal <leal@procergs.rs.gov.br> (2002-03-14 14:40):
> > > thanks for the response to my questions... thanks.
> > > i have one problem in my Debian box running unstable version... just ssh
> > > sessions to one machine, ask to me three passwords until ask the real
> > > password login... i have type 4 times my password...
> > > to another machines not... and other machine ssh to that machine, works
> > > fine too... the problem is this two box. The another machine is one
> > > FreeBSD 4.5.
> >
> > Try running ssh with the "-v" switch to see what's happening with the
> > ssh connection. Are your first passwords being accepted or rejected?
> > It could be a problem with ssh versions or any number of things... post
> > the results of "ssh -v" and we'll have a look.
>
> OpenSSH_3.0.2p1 Debian 1:3.0.2p1-6, SSH protocols 1.5/2.0, OpenSSL
> 0x0090603f
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Seeding random number generator
> debug1: Rhosts Authentication disabled, originating port will not be
> trusted.
> debug1: restore_uid
> debug1: ssh_connect: getuid 1000 geteuid 0 anon 1
> debug1: Connecting to 172.28.3.77 [172.28.3.77] port 22.
> debug1: temporarily_use_uid: 1000/1000 (e=0)
> debug1: restore_uid
> debug1: temporarily_use_uid: 1000/1000 (e=0)
> debug1: restore_uid
> debug1: Connection established.
> debug1: read PEM private key done: type DSA
> debug1: read PEM private key done: type RSA
> debug1: identity file /home/leal/.ssh/identity type 0
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> debug1: identity file /home/leal/.ssh/id_rsa type -1
> debug1: identity file /home/leal/.ssh/id_dsa type -1
> debug1: Remote protocol version 1.99, remote software version
> OpenSSH_2.9 FreeBSD localisations 20011202
> debug1: match: OpenSSH_2.9 FreeBSD localisations 20011202 pat ^OpenSSH
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.0.2p1 Debian 1:3.0.2p1-6
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 118/256
> debug1: bits set: 1015/2049
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host '172.28.3.77' is known and matches the DSA host key.
> debug1: Found key in /home/leal/.ssh/known_hosts:18
> debug1: bits set: 1022/2049
> debug1: ssh_dss_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: next auth method to try is publickey
> debug1: try privkey: /home/leal/.ssh/id_rsa
> debug1: try privkey: /home/leal/.ssh/id_dsa
> debug1: next auth method to try is keyboard-interactive
> otp-md5 11 ma1746 ext
> S/Key Password:
>
> ......
It looks like its using protocol 1 first and then when it can't enter
with your old protocol 1 key, it uses protocol 2. Try connecting using
"ssh -2" and see if it asks for your password/passphrase 3 times like it
was originally.
Cheers,
Sean
--
Sean Quinlan (smq@gmx.co.uk)
I'm using Debian GNU/Linux Woody 3.0
Linux plato 2.4.16 #1 Sat Dec 8 22:01:29 GMT 2001 i686 unknown
Reply to:
- References:
- ssh
- From: Marcelo Leal <leal@procergs.rs.gov.br>
- Re: ssh
- From: Sean Quinlan <smq@gmx.co.uk>