SUMMARY :RE: SSH is broke

From: Rich Bonfoey <Rich.Bonfoey_at_thenewstribune.com>
Date: Mon Dec 19 2005 - 18:29:21 EST
Thanks for your help.  I finally found it and I need to get my seeing eye
dog upgraded.  One of the things I checked initially was the root
permissions for 755 , didn't even see that  owner was not root.  Changed and
all worked fine

Many thanks to
Crist Clark - got me going in the right direction
Darren Dunham - With the tip "permissions"
Will Deny
Dan Stromberg


Rich 

-----Original Message-----
From: Rich Bonfoey 
Sent: Monday, December 19, 2005 2:11 PM
To: 'Sun Managers (sunmanagers@sunmanagers.org)'
Subject: SSH is broke

I have 2 Solaris 9 systems that had SSH working fine untill a few days ago.
The local system can connect without  having to be enter a password .  The
remote system can not connect unless it enters a password.  At first we
thought keys were corrupt , so new ones were created.  Symptom still
persists.  

Tried a second system and same conditions occurred.  Local can connect ,
remote cannot.

I ran ssh with debug on and here is the outcome.  Any clues and or help is
greatly appreciated.  T

thorin[root]187: !!
ssh -v -v -v tnt-pbs
SSH Version Sun_SSH_1.0, protocol versions 1.5/2.0.
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: ssh_connect: getuid 0 geteuid 0 anon 0
debug1: Connecting to tnt-pbs [10.200.10.111] port 22.
debug1: Allocated local port 1023.
debug1: Connection established.
debug1: identity file //.ssh/identity type 3
debug1: Bad RSA1 key file //.ssh/id_rsa.
debug1: identity file //.ssh/id_rsa type 3
debug1: Bad RSA1 key file //.ssh/id_dsa.
debug1: identity file //.ssh/id_dsa type 3
debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.0.1
debug1: match: Sun_SSH_1.0.1 pat ^Sun_SSH_1\.0
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-Sun_SSH_1.0
debug1: sent kexinit: diffie-hellman-group1-sha1
debug1: sent kexinit: ssh-rsa,ssh-dss
debug1: sent kexinit: aes128-cbc,blowfish-cbc,3des-cbc,rijndael128-cbc
debug1: sent kexinit: aes128-cbc,blowfish-cbc,3des-cbc,rijndael128-cbc
debug1: sent kexinit: hmac-sha1,hmac-md5
debug1: sent kexinit: hmac-sha1,hmac-md5
debug1: sent kexinit: none
debug1: sent kexinit: none
debug1: sent kexinit:
debug1: sent kexinit:
debug1: send KEXINIT
debug1: done
debug1: wait KEXINIT
debug1: got kexinit: diffie-hellman-group1-sha1
debug1: got kexinit: ssh-rsa,ssh-dss
debug1: got kexinit: aes128-cbc,blowfish-cbc,3des-cbc
debug1: got kexinit: aes128-cbc,blowfish-cbc,3des-cbc
debug1: got kexinit: hmac-sha1,hmac-md5
debug1: got kexinit: hmac-sha1,hmac-md5
debug1: got kexinit: none,zlib
debug1: got kexinit: none,zlib
debug1: got kexinit: C,geo,lcttab,iso_8859_1
debug1: got kexinit: C,geo,lcttab,iso_8859_1
debug1: first kex follow: 0
debug1: reserved: 0
debug1: done
debug2: mac_init: found hmac-sha1
debug1: kex: server->client unable to decide common locale
debug1: kex: server->client aes128-cbc hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: client->server unable to decide common locale
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug1: Sending SSH2_MSG_KEXDH_INIT.
debug1: bits set: 491/1024
debug1: Wait SSH2_MSG_KEXDH_REPLY.
debug1: Got SSH2_MSG_KEXDH_REPLY.
debug1: Host 'tnt-pbs' is known and matches the RSA host key.
debug1: Found key in //.ssh/known_hosts:1
debug1: bits set: 517/1024
debug1: ssh_rsa_verify: signature correct
debug1: Wait SSH2_MSG_NEWKEYS.
debug1: GOT SSH2_MSG_NEWKEYS.
debug1: send SSH2_MSG_NEWKEYS.
debug1: done: send SSH2_MSG_NEWKEYS.
debug1: done: KEX2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue: publickey,password
debug3: start over, passed a different list
debug3: authmethod_lookup publickey
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: key does not exist: //.ssh/identity
debug1: try pubkey: //.ssh/id_rsa
debug1: read SSH2 private key done: name rsa w/o comment success 1
debug3: sign_and_send_pubkey
debug2: ssh_rsa_sign: done
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug3: authmethod_lookup publickey
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug1: try pubkey: //.ssh/id_dsa
debug1: read SSH2 private key done: name dsa w/o comment success 1
debug3: sign_and_send_pubkey
debug1: sig size 20 20
debug2: we sent a publickey packet, wait for reply
debug1: authentications that can continue: publickey,password
debug3: authmethod_lookup publickey
debug3: authmethod_is_enabled publickey
debug1: next auth method to try is publickey
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: authmethod_lookup password
debug3: authmethod_is_enabled password
debug1: next auth method to try is password
root@tnt-pbs's password:

Richard Bonfoey
The News Tribune
Information Systems
Successfully Meeting the Business Needs of
The News Tribune through Information Technology
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Tue Dec 20 09:23:37 2005

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:43:54 EST