Mailing List Archive: problems logging in from 1.2.2 client to 1.2.1pre24 server

problems logging in from 1.2.2 client to 1.2.1pre24 server

Marc.Haber-lists at gmx

Jan 29, 2000, 7:20 AM

Post #1 of 8 (1370 views)

Hi!

On my personal workstation, I have installed openssh 1.2.2. I have two
server machines, one (A) running a self-compiled openssh 1.2.1pre24,
and a different one (B) running an openssh1.2.1pre24 compiled by
someone else.

While I can perfectly log in to A, logging in to B fails:
|mh@leona[32/532]:~$ ssh haber@b
|ssh_exchange_identification: read: Success
|mh@leona[33/533]:~$

So, I started a debugging sshd on B and tried to log in to B:
|mh@leona[34/534]:~$ ssh -p 10022 haber@b
|ssh_exchange_identification: read: Success
|mh@leona[35/535]:~$

|haber@b:~ $ /usr/sbin/sshd -d -p 10022 -h test_host_key
|debug: sshd version OpenSSH-1.2.1
|Server listening on port 10022.
|Generating 768 bit RSA key.
|RSA key generation complete.
|debug: Server will not fork when running in debugging mode.
|haber@b:~ $

What's going on here? Any ideas?

Greetings
Marc

--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29

Re: problems logging in from 1.2.2 client to 1.2.1pre24 server [ In reply to ]

Feb 1, 2000, 4:15 AM

Post #2 of 8 (1362 views)

On Sat, 29 Jan 2000, Marc Haber wrote:

> Hi!
>
> On my personal workstation, I have installed openssh 1.2.2. I
> have two server machines, one (A) running a self-compiled openssh
> 1.2.1pre24, and a different one (B) running an openssh1.2.1pre24
> compiled by someone else.

What Platform & OS? what options was OpenSSH complied with?

Damien

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)

Re: problems logging in from 1.2.2 client to 1.2.1pre24 server [ In reply to ]

Marc.Haber-lists at gmx

Feb 1, 2000, 2:32 PM

Post #3 of 8 (1360 views)

On Tue, 1 Feb 2000 23:15:39 +1100 (EST), you wrote:
>On Sat, 29 Jan 2000, Marc Haber wrote:
>> On my personal workstation, I have installed openssh 1.2.2. I
>> have two server machines, one (A) running a self-compiled openssh
>> 1.2.1pre24, and a different one (B) running an openssh1.2.1pre24
>> compiled by someone else.
>
>What Platform & OS?

All three boxes are running Debian Linux on i386 type machines, fairly
standard PC hardware. My personal machine is running the frozen beta
version of Debian, potato, and the two servers run the stable released
version of debian, slink.

>what options was OpenSSH complied with?

Can't say about the server boxes, on my client box I did a plain
configure.

I found out today that I can log in to both boxes using RSA
authentication, but login to one of the servers still fails when I try
to do plain password authentication. The error message is somewhat
strange.

Greetings
Marc

--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29

Re: problems logging in from 1.2.2 client to 1.2.1pre24 server [ In reply to ]

Feb 1, 2000, 2:44 PM

Post #4 of 8 (1359 views)

>I found out today that I can log in to both boxes using RSA
>authentication, but login to one of the servers still fails when I try
>to do plain password authentication. The error message is somewhat
>strange.

Try enabling shadow passwords. I had the same problem on my debian linux
systems a while back, and enabling shadow passwords made the problem
go away.

Phil

Re: problems logging in from 1.2.2 client to 1.2.1pre24 server [ In reply to ]

Marc.Haber-lists at gmx

Feb 2, 2000, 12:21 AM

Post #5 of 8 (1359 views)

On Tue, 1 Feb 2000 14:44:27 -0800, you wrote:
>>I found out today that I can log in to both boxes using RSA
>>authentication, but login to one of the servers still fails when I try
>>to do plain password authentication. The error message is somewhat
>>strange.
>
>Try enabling shadow passwords.

Enabled on all three systems. Can this have something to do with
crypt(3)/MD5 password encryption? I don't know whether this is being
used on the server that doesn't allow me to log in using passwords.
However, PAM should handle that transparently, right?

Greetings
Marc

--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29

Re: problems logging in from 1.2.2 client to 1.2.1pre24 server [ In reply to ]

Feb 2, 2000, 1:31 AM

Post #6 of 8 (1361 views)

On Wed, 2 Feb 2000, Marc Haber wrote:

> Enabled on all three systems. Can this have something to do with
> crypt(3)/MD5 password encryption? I don't know whether this is being
> used on the server that doesn't allow me to log in using passwords.
> However, PAM should handle that transparently, right?

It /should/ though I haven't really tries the generic PAM file on
Debian.

Phil Hands had Debian packages that were working OK - perhaps you
could nab the PAM config file from one of those.

Damien

--
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller - http://www.mindrot.org/
| Email: djm@mindrot.org (home) -or- djm@ibs.com.au (work)

Re: problems logging in from 1.2.2 client to 1.2.1pre24 server [ In reply to ]

Marc.Haber-lists at gmx

Feb 4, 2000, 2:11 AM

Post #7 of 8 (1359 views)

On Wed, 2 Feb 2000 20:31:32 +1100 (EST), you wrote:
>Phil Hands had Debian packages that were working OK - perhaps you
>could nab the PAM config file from one of those.

He didn't update these in a long time :-(

1.2.1pre24 seem to be the latest...

Greetings
Marc

--
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber | " Questions are the | Mailadresse im Header
Karlsruhe, Germany | Beginning of Wisdom " | Fon: *49 721 966 32 15
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29

Re: problems logging in from 1.2.2 client to 1.2.1pre24 server [ In reply to ]

Feb 8, 2000, 3:19 PM

Post #8 of 8 (1361 views)

Marc Haber <Marc.Haber-lists@gmx.de> writes:

> On Wed, 2 Feb 2000 20:31:32 +1100 (EST), you wrote:
> >Phil Hands had Debian packages that were working OK - perhaps you
> >could nab the PAM config file from one of those.
>
> He didn't update these in a long time :-(
>
> 1.2.1pre24 seem to be the latest...

Sorry, been busy --- you can expect an upload tonight (probably,
although I would have told you that a few days ago, and have been
lying --- things have been a bit mad around here of late. Damn
clients, who'd have 'em, eh? ;-).

Cheers, Phil.