
Re: resetting ssh after blacklist?



On Thu, 2008-08-07 at 08:24 +0300, Shachar Or wrote:
> On Thursday 07 August 2008 08:18, Kenward Vaughan wrote:
> > Hi,
> >
> > Google isn't helping me right now with this, and the update notice
> > doesn't show a procedure, AFAICT, for redoing ssh between my gateway and
> > primary desktop at home.  The firewall/gateway allows connections only
> > from the desktop machine, and that is ssh.
> >
> > I regenerated rsa keys for myself, transported the public one to
> > ~/.ssh/authorized_keys on the gateway, and removed the known-hosts file.
> > I cannot connect.  The keys have password phrases attached as well.
> >
> > Would someone please help this "old fella" with the missing step?  I
> > touch that machine about once in a blue moon wrt this sort of thing, so
> > it's not second-nature to me.
> >
> > Thanks!
> >
> Try with ssh -v and paste it here, please.

see below...

The rsa file is the one placed onto the gateway.

----------------------------
daddy:~# ssh -v blackGate
OpenSSH_5.1p1 Debian-2, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /home/daddy/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to blackGate [192.168.0.1] port 22.
debug1: Connection established.
debug1: identity file /home/daddy/.ssh/id_rsa type 1
debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
debug1: identity file /home/daddy/.ssh/id_dsa type 2
debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024
debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2 Debian-9etch2
debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'blackGate' is known and matches the RSA host key.
debug1: Found key in /home/daddy/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,keyboard-interactive,hostbased
debug1: Next authentication method: hostbased
debug1: permanently_drop_suid: 1000
ssh-keysign not enabled in /etc/ssh/ssh_config
ssh_msg_send: write
ssh_keysign: couldn't send request

10:53:55
daddy:~# 
----------------------------

????  I don't understand the "permanently_drop_suid: 1000" line (which refers to me...)


Kenward
-- 
If people are good only because they fear punishment, and hope for
reward, then we are a sorry lot indeed.   Albert Einstein

