On Wed, Apr 16, 2014 at 06:12:41AM -0500, Ed Ahlsen-Girard wrote:
> I added a second -current box to the house. Since the first (named
> FIRST below) had never had anywhere to ssh to, I created its first
> keypair.
>
> Now the Win7 laptop (LAPPER) running Putty has its connections to the
> first -current box dropped before authentication. The key from the
> laptop is still in authorized_keys. /etc/ssh/sshd_config has not
> changed. security, authorization and message log files have nothing
> to say about this. Dmesg and `tcpdump -o` output from the timeframe of a
> connect attempt are below.
Hi,
Is there a chance you haven't updated that version of PuTTY recently?
OpenSSH takes a hard line on insecure HMACs and I recently had to
update PuTTY on a work machine as it wouldn't connect to a new OpenBSD
snapshot installation from a couple weeks ago.
Force people to update software following insecure semantics rather than
make it easy to be lazy is the song and dance here.
Cheers,
-ryan
>
> --
>
> Edward Ahlsen-Girard
> Ft Walton Beach, FL
>
> OpenBSD 5.5-current (GENERIC.MP) #59: Mon Apr 7 22:49:12 MDT 2014
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> real mem = 2094530560 (1997MB)
> avail mem = 2030067712 (1936MB)
> mpath0 at root
> scsibus0 at mpath0: 256 targets
> mainbus0 at root
> bios0 at mainbus0: SMBIOS rev. 2.5 @ 0xf06d0 (43 entries)
> bios0: vendor American Megatrends Inc. version "0504" date 10/05/2009
> bios0: ASUSTeK Computer INC. P-P5G41
> acpi0 at bios0: rev 2
> acpi0: sleep states S0 S1 S3 S4 S5
> acpi0: tables DSDT FACP APIC MCFG OEMB HPET GSCI SSDT
> acpi0: wakeup devices P0P2(S4) P0P3(S4) P0P1(S4) UAR1(S4) PS2K(S4)
> PS2M(S4) USB0(S4) USB1(S4) USB2(S4) USB3(S4) EUSB(S4) MC97(S4) P0P4(S4)
> P0P5(S4) P0P6(S4) P0P7(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24
> bits acpimadt0 at acpi0 addr 0xfee00000: PC-AT compat cpu0 at mainbus0:
> apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU E7500 @
> 2.93GHz, 3520.38 MHz cpu0:
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF
> cpu0: 3MB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0
> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
> cpu0: apic clock running at 266MHz
> cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: Intel(R) Core(TM)2 Duo CPU E7500 @ 2.93GHz, 2933.30 MHz
> cpu1:
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF
> cpu1: 3MB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0
> ioapic0 at mainbus0: apid 2 pa 0xfec00000, version 20, 24 pins
> acpimcfg0 at acpi0 addr 0xf0000000, bus 0-63
> acpihpet0 at acpi0: 14318179 Hz
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus -1 (P0P2)
> acpiprt2 at acpi0: bus -1 (P0P3)
> acpiprt3 at acpi0: bus 3 (P0P4)
> acpiprt4 at acpi0: bus -1 (P0P5)
> acpiprt5 at acpi0: bus 2 (P0P6)
> acpiprt6 at acpi0: bus 1 (P0P7)
> acpicpu0 at acpi0: C2, C1, PSS
> acpicpu1 at acpi0: C2, C1, PSS
> aibs0 at acpi0 RTMP RVLT RFAN GGRP GITM SITM
> aibs0: FSIF: invalid package
> acpibtn0 at acpi0: PWRB
> cpu0: Enhanced SpeedStep 3520 MHz: speeds: 2936, 2670, 2403, 2136,
> 1870, 1603 MHz pci0 at mainbus0 bus 0
> pchb0 at pci0 dev 0 function 0 "Intel G41 Host" rev 0x03
> vga1 at pci0 dev 2 function 0 "Intel G41 Video" rev 0x03
> intagp0 at vga1
> agp0 at intagp0: aperture at 0xe0000000, size 0x10000000
> inteldrm0 at vga1
> drm0 at inteldrm0
> inteldrm0: 1280x768
> wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
> wsdisplay0: screen 1-5 added (std, vt100 emulation)
> "Intel G41 Video" rev 0x03 at pci0 dev 2 function 1 not configured
> azalia0 at pci0 dev 27 function 0 "Intel 82801GB HD Audio" rev 0x01: msi
> azalia0: codecs: Realtek ALC888
> audio0 at azalia0
> ppb0 at pci0 dev 28 function 0 "Intel 82801GB PCIE" rev 0x01: msi
> pci1 at ppb0 bus 3
> ppb1 at pci0 dev 28 function 2 "Intel 82801GB PCIE" rev 0x01: msi
> pci2 at ppb1 bus 2
> re0 at pci2 dev 0 function 0 "Realtek 8168" rev 0x02: RTL8168C/8111C
> (0x3c00), msi, address 48:5b:39:c5:63:95 rgephy0 at re0 phy 7:
> RTL8169S/8110S PHY, rev. 2 ppb2 at pci0 dev 28 function 3 "Intel
> 82801GB PCIE" rev 0x01: msi pci3 at ppb2 bus 1
> vendor "VIA", unknown product 0x3401 (class serial bus subclass
> Firewire, rev 0x00) at pci3 dev 0 function 0 not configured vendor
> "VIA", unknown product 0x401a (class mass storage subclass
> miscellaneous, rev 0x00) at pci3 dev 0 function 1 not configured sdhc0
> at pci3 dev 0 function 2 vendor "VIA", unknown product 0x401b rev 0x00:
> apic 2 int 19 sdhc0 at 0x10: can't map registers uhci0 at pci0 dev 29
> function 0 "Intel 82801GB USB" rev 0x01: apic 2 int 23 uhci1 at pci0
> dev 29 function 1 "Intel 82801GB USB" rev 0x01: apic 2 int 19 uhci2 at
> pci0 dev 29 function 2 "Intel 82801GB USB" rev 0x01: apic 2 int 18
> uhci3 at pci0 dev 29 function 3 "Intel 82801GB USB" rev 0x01: apic 2
> int 16 ehci0 at pci0 dev 29 function 7 "Intel 82801GB USB" rev 0x01:
> apic 2 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI
> root hub" rev 2.00/1.00 addr 1 ppb3 at pci0 dev 30 function 0 "Intel
> 82801BA Hub-to-PCI" rev 0xe1 pci4 at ppb3 bus 4 pcib0 at pci0 dev 31
> function 0 "Intel 82801GB LPC" rev 0x01 pciide0 at pci0 dev 31 function
> 1 "Intel 82801GB IDE" rev 0x01: DMA, channel 0 configured to
> compatibility, channel 1 configured to compatibility pciide0: channel 0
> disabled (no drives) pciide0: channel 1 disabled (no drives) pciide1 at
> pci0 dev 31 function 2 "Intel 82801GB SATA" rev 0x01: DMA, channel 0
> configured to native-PCI, channel 1 configured to native-PCI pciide1:
> using apic 2 int 19 for native-PCI interrupt wd0 at pciide1 channel 0
> drive 0: <SAMSUNG HM641JI> wd0: 16-sector PIO, LBA48, 610480MB,
> 1250263728 sectors atapiscsi0 at pciide1 channel 0 drive 1 scsibus1 at
> atapiscsi0: 2 targets cd0 at scsibus1 targ 0 lun 0: <TEAC, DV-W524GS,
> BT11> ATAPI 5/cdrom removable wd0(pciide1:0:0): using PIO mode 4,
> BT11> Ultra-DMA mode 6
> cd0(pciide1:0:1): using PIO mode 4, Ultra-DMA mode 5
> ichiic0 at pci0 dev 31 function 3 "Intel 82801GB SMBus" rev 0x01: apic
> 2 int 19 iic0 at ichiic0
> spdmem0 at iic0 addr 0x50: 1GB DDR2 SDRAM non-parity PC2-5300CL5
> spdmem1 at iic0 addr 0x52: 1GB DDR2 SDRAM non-parity PC2-5300CL5
> usb1 at uhci0: USB revision 1.0
> uhub1 at usb1 "Intel UHCI root hub" rev 1.00/1.00 addr 1
> usb2 at uhci1: USB revision 1.0
> uhub2 at usb2 "Intel UHCI root hub" rev 1.00/1.00 addr 1
> usb3 at uhci2: USB revision 1.0
> uhub3 at usb3 "Intel UHCI root hub" rev 1.00/1.00 addr 1
> usb4 at uhci3: USB revision 1.0
> uhub4 at usb4 "Intel UHCI root hub" rev 1.00/1.00 addr 1
> isa0 at pcib0
> isadma0 at isa0
> com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
> pckbc0 at isa0 port 0x60/5
> pckbd0 at pckbc0 (kbd slot)
> pckbc0: using irq 1 for kbd slot
> wskbd0 at pckbd0: console keyboard, using wsdisplay0
> pcppi0 at isa0 port 0x61
> spkr0 at pcppi0
> it0 at isa0 port 0x2e/2: IT8720F rev 2, EC port 0x290
> ulpt0 at uhub0 port 1 configuration 1 interface 1 "EPSON EPSON WF-3530
> Series" rev 2.00/1.00 addr 2 ulpt0: using bi-directional mode
> umass0 at uhub0 port 1 configuration 1 interface 2 "EPSON EPSON WF-3530
> Series" rev 2.00/1.00 addr 2 umass0: using SCSI over Bulk-Only
> scsibus2 at umass0: 2 targets, initiator 0
> sd0 at scsibus2 targ 1 lun 0: <EPSON, Storage, 1.00> SCSI2 0/direct
> removable sd1 at scsibus2 targ 1 lun 1: <EPSON, Storage, 1.00> SCSI2
> 0/direct removable sd1: 959MB, 512 bytes/sector, 1965056 sectors
> sd2 at scsibus2 targ 1 lun 2: <EPSON, Storage, 1.00> SCSI2 0/direct
> removable ugen0 at uhub0 port 1 configuration 1 "EPSON EPSON WF-3530
> Series" rev 2.00/1.00 addr 2 uhidev0 at uhub2 port 1 configuration 1
> interface 0 "Logitech Trackball" rev 1.10/2.20 addr 2 uhidev0: iclass
> 3/1 ums0 at uhidev0: 3 buttons, Z dir
> wsmouse0 at ums0 mux 0
> vscsi0 at root
> scsibus3 at vscsi0: 256 targets
> softraid0 at root
> scsibus4 at softraid0: 256 targets
> root on wd0a (a329d27060a8eeae.a) swap on wd0b dump on wd0b
>
> tcpdump: listening on re0, link-type EN10MB
> tcpdump: WARNING: compensating for unaligned libpcap packets
> 06:00:00.362536 LAPPER.netbios-ns > 192.168.0.255.netbios-ns: udp 50
> E..N.P.........n.........:...V..........
> FHFAEBEECACACACACACACACACACACAAA.. .. 06:00:01.474372
> FIRST.pn.at.cox.net.39775 > triangle.kansas.net.ntp: v4 client strat 0
> poll 0 prec 0 [tos 0x10]
> E..L@...@..u...d@...._.{.8.b#............................................aU.
> 06:00:01.518916 triangle.kansas.net.ntp > FIRST.pn.at.cox.net.39775: v4
> server strat 2 poll 3 prec -21 (DF)
> E..L..@.7...@......d.{._.8..$.....
> x...2.......c.QH......aU....1~.~*...1~... 06:00:02.093933
> FIRST.pn.at.cox.net.16730 > warpcore.domain: 57788+ PTR?
> 6.144.6.64.in-addr.arpa. (41)
> e..e....@.yc...d....az.5.1...............6.144.6.64.in-addr.arpa.. ..
> 06:00:02.125332 warpcore.domain > FIRST.pn.at.cox.net.16730: 57788 1/0/0
> PTR triangle.kansas.net. (74) (DF)
> E..f..@.@..........d.5AZ.R.n.............6.144.6.64.in-addr.arpa.. ... .
> ..../*...triangle.kansas.net.
> 06:00:02.125585 FIRST.pn.at.cox.net.22943 > warpcore.domain: 14046+ PTR?
> 1.0.168.192.in-addr.arpa. (42)
> E..F. ..@......d....Y..5.2..6............1.0.168.192.in-addr.arpa.. ..
> 06:00:02.126079 warpcore.domain > FIRST.pn.at.cox.net.22943: 14046*
> 1/0/0 PTR warpcore. (64) (DF)
> E..\..@.@..........d.5Y..Hm.6............1.0.168.192.in-addr.arpa.. ... .
> .......
> .warpcore.
> 06:00:03.240413 LAPPER.49185 > FIRST.pn.at.cox.net.ssh: S (src OS:
> Windows Vista) 597240876:597240876(0) win 8192 <mss 1460,nop,wscale
> 2,nop,nop,sackOK> (DF)
> e.....@...ub...n...d.!..#.,,...... ................. 06:00:03.240479
> FIRST.pn.at.cox.net.ssh > LAPPER.49185: S 778486018:778486018(0) ack
> 597240877 win 16384 <mss 1460,nop,nop,sackOK,nop,wscale 3> (DF)
> E..4..@.@......d...n...!.f..#.,-..@..{.............. 06:00:03.245664
> LAPPER.49185 > FIRST.pn.at.cox.net.ssh: . ack 1 win 16425 (DF)
> E..(.`@...uM...n...d.!..#.,-.f..P.@). .... 06:00:03.246224
> LAPPER.49185 > FIRST.pn.at.cox.net.ssh: P 1:29(28) ack 1 win 16425 (DF)
> E..D.a@...u0...n...d.!..#.,-.f..P.@)....SSH-2.0-PuTTY_Release_0.62
>
> 06:00:03.252793 FIRST.pn.at.cox.net.ssh > LAPPER.49185: P 1:22(21) ack
> 29 win 2186 (DF)
> E..=..@.@......d...n...!.f..#.,IP....R..SSH-2.0-OpenSSH_6.6
>
> 06:00:03.258324 LAPPER.49185 > FIRST.pn.at.cox.net.ssh: P 29:541(512)
> ack 22 win 16419 (DF)
> E..(.b...@...sk...n...d.!..#.,I.f..P.@#.......|....:./M....(..C.B....diffie-hellman-group-exchange-sha256
> 06:00:03.258361 FIRST.pn.at.cox.net.ssh > LAPPER.49185: P 22:902(880)
> ack 541 win 2126 (DF)
> E.....@.@......d...n...!.f..#..ip..n.......l...w....@...hc`.
>
> #....curve25519-sha...@libssh.org,ecdh-sh
> 06:00:03.258705 LAPPER.49185 > FIRST.pn.at.cox.net.ssh: P 541:669(128)
> ack 22 win 16419 (DF)
> E....c@...t....n...d.!..#..I.f..P.@#s1..56,arcfour128....hmac-sha1,hmac-sha1-96,hmac-md5....hmac-sha1,
> 06:00:03.259247 FIRST.pn.at.cox.net.ssh > LAPPER.49185: F 902:902(0)
> ack 669 win 2190 (DF) E..(./@.@..}...d...n...!.f..#...P....=..
> 06:00:03.262007 LAPPER.49185 > FIRST.pn.at.cox.net.ssh: . ack 903 win
> 16199 (DF) E..(.d...@...ui...n...d.!..#....f..P.?G...... 06:00:03.262544
> LAPPER.49185 > FIRST.pn.at.cox.net.ssh: P 669:685(16) ack 903 win 16199
> (DF) E..8.e@...u8...n...d.!..#....f..P.?G_...... ......E....>
> 06:00:03.262569 FIRST.pn.at.cox.net.ssh > LAPPER.49185: R
> 778486921:778486921(0) win 0 (DF)
> E..(..@.@......d...n...!.f......P...z... 06:00:03.263112 LAPPER.49185
> > FIRST.pn.at.cox.net.ssh: F 685:685(0) ack 903 win 16199 (DF)
> > E..(.f...@...ug...n...d.!..#....f..P.?G......
> 06:00:03.263131 FIRST.pn.at.cox.net.ssh > LAPPER.49185: R
> 778486921:778486921(0) win 0 (DF)
> E..(.r@.@..:...d...n...!.f......P...z... 06:00:03.459538
> LAPPER.netbios-dgm > 192.168.0.255.netbios-dgm: udp 201
> E....g.........n...............X...n......
> EFEECNFGEBEJEPCACACACACACACACACA. FHEPFCELEHFCEPFFFACACACAC
> 06:00:08.516937 FIRST.pn.at.cox.net.13091 >
> ntp1.Housing.Berkeley.EDU.ntp: v4 client strat 0 poll 0 prec 0 [tos
> 0x10]
> ...Lg...@.a2...d..F.3#.{.8..#.........................................<j..
> 06:00:08.587566 ntp1.Housing.Berkeley.EDU.ntp >
> FIRST.pn.at.cox.net.13091: v4 server strat 2 poll 3 prec -24
> (DF) ....8.......8......d.{3#.8.W$............ .7....-.u...<j..
> 06:00:09.116520 FIRST.pn.at.cox.net.1451 > warpcore.domain: 11394+ PTR?
> 183.70.229.169.in-addr.arpa. (45)
> E..I. ....d.......5.5..,............183.70.229.169.in-addr.arpa.. ..
> 06:00:09.147703 warpcore.domain > FIRST.pn.at.cox.net.1451: 11394 1/0/0
> PTR[|domain]
> (DF)E..p..@.@..........d.5...\X.,............183.70.229.169.in-addr.arpa.. ...
> .
>
> .........ntp1.Housing.Ber
> 06:00:09.595915 FIRST.pn.at.cox.net.10896 > 142.54.181.202.ntp: v4
> client strat 0 poll 0 prec 0 [tos 0x10]
> E..L!`..@.T$...d.6..*..{.8.W#.......................................0.b....g
> 06:00:09.657327 142.54.181.202.ntp > FIRST.pn.at.cox.net.10896: v4
> server strat 2 poll 3 prec -22 (DF)
> E..L..@.6.?..6.....d.{*..8.r$...........@q .....un..0.b....g...9.71....9.7.+
> 06:00:10.145540 FIRST.pn.at.cox.net.29389 > warpcore.domain: 17649+ PTR?
> 202.181.54.142.in-addr.arpa. (45)
> e..i....@.jd...d....r..5.5..d............202.181.54.142.in-addr.arpa.. ..
> 06:00:10.177726 warpcore.domain > FIRST.pn.at.cox.net.29389: 17649
> NXDomain 0/1/0 (125) (DF)
> E.....@.@..........d.5r....LD............202.181.54.142.in-addr.arpa..
> .............D.rdns1
> datashack. ^C 30 packets received by filter 0 packets dropped by kernel
