Public bug reported: Binary package hint: openssh-client
When trying to connect between a Dapper client and a Solaris 10 server using Kerberos 5 GSSAPI, negotation fails during gss_init_sec_context: $ ssh -v XXXX.mit.edu OpenSSH_4.2p1 Debian-7ubuntu3, OpenSSL 0.9.8a 11 Oct 2005 debug1: Reading configuration data /home/sit/.ssh/config debug1: Applying options for *.mit.edu debug1: Applying options for * debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to XXXX.mit.edu [128.30.XXX.YYY] port 22. debug1: Connection established. debug1: identity file /home/sit/.ssh/identity type -1 debug1: identity file /home/sit/.ssh/id_rsa type 1 debug1: identity file /home/sit/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.1 debug1: no match: Sun_SSH_1.1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.2p1 Debian-7ubuntu3 debug1: Offering GSSAPI proposal: gss-group1-sha1-toWM5Slw5Ew8Mqkay+al2g==,gss-group1-sha1-A/vxljAEU54gt9a48EiANQ== debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: Calling gss_init_sec_context debug1: Delegating credentials debug1: Received KEXGSS_HOSTKEY debug1: Calling gss_init_sec_context debug1: Delegating credentials debug1: A token was invalid No error gss_init_context failed This appears to be the same problem as described in http://thread.gmane.org/gmane.comp.encryption.kerberos.devel/3373 http://thread.gmane.org/gmane.comp.encryption.kerberos.devel/3375 The developer suggests that perhaps the problem is due to a bug in the OpenSSH patch and handling the HOSTKEY message; the messages in the thread suggest that the problem is fixed in a version of the patch by 26 sep 2005. However, the last mention of the patch in the dapper changelog is dated 14 sep 2005. Perhaps pulling up the latest version of the patch will solve the problem. I haven't tested with edgy, any OpenSSH 4.3 builds, or ssh-krb5 packages. ** Affects: openssh (Ubuntu) Importance: Untriaged Status: Unconfirmed -- Problem negotiation GSSAPI with Solaris 10 sshd https://launchpad.net/bugs/60421 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
