SSH-problem (3.4p1)

Uwe Schuerkamp uwe at schuerkamp.de
Wed Jul 10 08:24:01 CEST 2002 

Hallo Liste, 

ich habe einige Rechner auf openssh 3.4p1 geupdated und dabei auf einem
Red Hat 6.2-System ein Problem bekommen. 

Sowohl client (Mandrake 8.2) und server nutzen diese Openssh-Version. 
wenn ich nun einen key des clients im authorized_keys[2] file des
servers hinterlege, klappt zwar der login, aber die Verbindung wird
sorfort beendet (hier der ssh -v output): 

# ssh  -v meinrechner 
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to meinrechner [10.0.0.2] port 22.
debug1: Connection established.
debug1: identity file /var/config/mrtg/.ssh/identity type 0
debug1: identity file /var/config/mrtg/.ssh/id_rsa type -1
debug1: identity file /var/config/mrtg/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 139/256
debug1: bits set: 1613/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'deniol01' is known and matches the RSA host key.
debug1: Found key in /var/config/mrtg/.ssh/known_hosts:24
debug1: bits set: 1621/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /var/config/mrtg/.ssh/id_rsa
debug1: try pubkey: /var/config/mrtg/.ssh/id_dsa
debug1: input_userauth_pk_ok: pkalg ssh-dss blen 435 lastkey 0x80937b0 hint 2
debug1: read PEM private key done: type DSA
debug1: ssh-userauth2 successful: method publickey
debug1: channel 0: new [client-session]
debug1: send channel open 0
debug1: Entering interactive session.
debug1: channel_free: channel 0: client-session, nchannels 1
Connection to meinrechner closed by remote host.
Connection to meinrechner closed.
debug1: Transferred: stdin 0, stdout 0, stderr 79 bytes in 0.0 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 210692.4
debug1: Exit status -1


Wenn ich jetzt die authorized_keys[2] umbenenne, kann ich mich wieder
normal nach Angabe des Passwortes einloggen. Die Permissions auf dem
server stimmen wohl auch: 700 fuer ~.ssh, 600 fuer die authorized_key*
files. 

Hat eventuell jemand eine Idee, woran das liegen koennte? 

-- 
Uwe Schuerkamp               Tel: +49 (0)5241 / 80 10 66, FAX: / 806 23 38
Uwe.Schuerkamp at nionex.net       Nionex GmbH, IWN5  (http://www.nionex.de/)
GnuPG KeyID: 5887047D                 Avenwedder Str. 55, 33311 Guetersloh
GnuPG Fingerprint:         2E 13 20 22 9A 3F 63 7F 67 6F E9 B1 A8 36 A4 61

More information about the Linux mailing list