Hi
I seem to have run into an incompatibility between SSH versions.
I have a Debian slink-based machine (running the Linux Router
Project) that I use as a server named "boonstra", and a workstation I
dual-boot with Win NT and Debian woody. Neither machine is using OpenSSH.
The server runs version 1.2.26, while the workstation is running version
1.2.27. Both claim to conform to v1.5 of the protocol.
I can ssh to the server from
(1) itself, using ssh 1.2.26
(2) my workstation in Win NT (using SecureCRT)
(3) an OpenStep machine, running v1.2.26
I can also ssh to the workstation from the server. However, I
cannot ssh to the server (v1.2.26) from my workstation (v1.2.27). Below my
signature, you will find logs from the daemon and "ssh -v" as well as full
dumps from a packet sniffer on the connection attempts.
The IP address is the same in WinNT mode as in Linux, so there's no
firewall on the server preventing logins. I have tried:
(1) Removing and regenerating /etc/ssh/
(2) Attempting to ssh from a newly created user ID w/ no ~/.ssh
(3) Removing known_hosts from the server
(4) Running the server's sshd in debug mode (with -d flag)
When I ran sshd in debug mode, it died when I tried to connect from the
workstation, with a complaint about not forking in debug mode. Fair enough,
perhaps.
So, I am now completely stumped! The fundamental issue, I suppose,
is why can I ssh in from WinNT, but not from Linux? Has anybody else got a
theory as to why this might be happening? Help!
Yours,
Brian
########################################
## Entries from /var/log/daemon.log ##
########################################
Apr 6 20:24:48 boonstra sshd[1809]: log: Connection
from 192.168.1.42 port 2599
Apr 6 20:25:03 boonstra sshd[1809]: log: Password
authentication for root accepted.
Apr 6 20:25:03 boonstra sshd[1809]: log: ROOT LOGIN
as 'root' from siddhartha.mathecho.net
Apr 6 20:34:42 boonstra sshd[1831]: refused connect
from mass.mathecho.net
Apr 6 20:38:50 boonstra sshd[1836]: log: Connection
from 64.34.25.33 port 1023
Apr 6 20:38:56 boonstra sshd[1836]: log: Password
authentication for root accepted.
Apr 6 20:38:56 boonstra sshd[1836]: log: ROOT LOGIN
as 'root' from boonstra.mathecho.net
Apr 6 20:39:21 boonstra sshd[1836]: log: Closing
connection to 64.34.25.33
##############################################
## Verbose Output, workstation --> server ##
##############################################
mass % ssh -v boonstra -l root
SSH Version 1.2.27 [i586-unknown-linux], protocol
version 1.5.
Standard version. Does not use RSAREF.
mass: Reading configuration data
/home/kickaha/.ssh/config
mass: Applying options for boonstra
mass: Reading configuration data
/etc/ssh-nonfree/ssh_config
mass: ssh_connect: getuid 1000 geteuid 0 anon 0
mass: Connecting to boonstra [192.168.1.1] port 22.
mass: Allocated local port 1023.
mass: Connection established.
Connection closed by foreign host.
zsh: 4500 exit 255 ssh -v boonstra -l root
mass %
########################################
## Verbose Output, server--> server ##
########################################
boonstra# ssh -v boonstra
SSH Version 1.2.26 [i686-unknown-linux], protocol
version 1.5.
Standard version. Does not use RSAREF.
boonstra: ssh_connect: getuid 0 geteuid 0 anon 0
boonstra: Connecting to boonstra [64.34.25.33] port
22.
boonstra: Allocated local port 1023.
boonstra: Connection established.
boonstra: Remote protocol version 1.5, remote software
version 1.2.26
boonstra: Waiting for server public key.
boonstra: Received server public key (768 bits) and
host key (1024 bits).
boonstra: Host 'boonstra' is known and matches the
host key.
boonstra: Initializing random; seed file
/root/.ssh/random_seed
boonstra: Encryption type: idea
boonstra: Sent encrypted session key.
boonstra: Installing crc compensation attack detector.
boonstra: Received encrypted confirmation.
boonstra: Remote: Server does not permit empty
password login.
boonstra: Trying rhosts or /etc/hosts.equiv with RSA
host authentication.
boonstra: Remote: Rhosts/hosts.equiv authentication
refused: client user 'root', server user 'root',
client host 'boonstra.mathecho.net'.
boonstra: Server refused our rhosts authentication or
host key.
boonstra: No agent.
boonstra: Doing password authentication.
root@boonstra's password:
boonstra: Requesting pty.
boonstra: Requesting shell.
boonstra: Entering interactive session.
Last login: Thu Apr 6 20:25:03 2000 from
siddhartha.mathecho.net
Linux Router boonstra 2.0.36 #2 Sat Oct 31 22:22:12
EST 1998
No mail.
Type in help if you are really lost
boonstra#
##################################
## Packet Sniffer on the server ##
##################################
boonstra# tcpdump -n -p -i eth1 host 192.168.1.69
tcpdump: listening on eth1
20:31:55.460000 192.168.1.69.1023 > 192.168.1.1.22: S
2260578688:2260578688(0) win 32120 <mss
1460,sackOK,timestamp 8173065[|tcp]> (DF)
20:31:55.460000 192.168.1.1.22 > 192.168.1.69.1023: S
633226525:633226525(0) ack 2260578689 win 16352 <mss
1460>
20:31:55.460000 192.168.1.69.1023 > 192.168.1.1.22: .
ack 1 win 32120 (DF)
20:32:00.540000 192.168.1.1.22 > 192.168.1.69.1023: F
1:1(0) ack 1 win 16352
20:32:00.540000 192.168.1.69.1023 > 192.168.1.1.22: .
ack 2 win 32120 (DF) [tos 0x10]
20:32:00.540000 192.168.1.69.1023 > 192.168.1.1.22: F
1:1(0) ack 2 win 32120 (DF) [tos 0x10]
20:32:00.540000 192.168.1.1.22 > 192.168.1.69.1023: .
ack 2 win 16351 (DF)
7 packets received by filter
0 packets dropped by kernel
########################################
## Packet Sniffer on the server again ##
########################################
boonstra# tcpdump -n -p -i eth1 host 192.168.1.69
tcpdump: listening on eth1
20:34:42.140000 192.168.1.69.1023 > 192.168.1.1.22: S
2427261543:2427261543(0) win 32120 <mss
1460,sackOK,timestamp 8189731[|tcp]> (DF)
20:34:42.140000 192.168.1.1.22 > 192.168.1.69.1023: S
754452197:754452197(0) ack 2427261544 win 16352 <mss
1460>
20:34:42.140000 192.168.1.69.1023 > 192.168.1.1.22: .
ack 1 win 32120 (DF)
20:34:47.220000 192.168.1.1.22 > 192.168.1.69.1023: F
1:1(0) ack 1 win 16352
20:34:47.220000 192.168.1.69.1023 > 192.168.1.1.22: .
ack 2 win 32120 (DF) [tos 0x10]
20:34:47.220000 192.168.1.69.1023 > 192.168.1.1.22: F
1:1(0) ack 2 win 32120 (DF) [tos 0x10]
20:34:47.220000 192.168.1.1.22 > 192.168.1.69.1023: .
ack 2 win 16351 (DF)
7 packets received by filter
0 packets dropped by kernel
boonstra#
########################################
## Packet Sniffer on the workstation ##
########################################
mass % sudo tcpdump -n -p host 192.168.1.1
Password:
tcpdump: listening on eth0
21:33:24.201584 arp who-has 192.168.1.1 tell
192.168.1.69
21:33:24.202106 arp reply 192.168.1.1 is-at
0:c0:f0:44:82:7d
21:33:39.271529 192.168.1.69.1023 > 192.168.1.1.22: S
2381677709:2381677709(0) win 32120 <mss
1460,sackOK,timestamp 8185173[|tcp]> (DF)
21:33:39.272758 192.168.1.1.22 > 192.168.1.69.1023: S
754324195:754324195(0) ack 2381677710 win 16352 <mss
1460>
21:33:39.272799 192.168.1.69.1023 > 192.168.1.1.22: .
ack 1 win 32120 (DF)
21:33:44.332951 192.168.1.1.22 > 192.168.1.69.1023: F
1:1(0) ack 1 win 16352
21:33:44.332993 192.168.1.69.1023 > 192.168.1.1.22: .
ack 2 win 32120 (DF) [tos 0x10]
21:33:44.333332 192.168.1.69.1023 > 192.168.1.1.22: F
1:1(0) ack 2 win 32120 (DF) [tos 0x10]
21:33:44.334396 192.168.1.1.22 > 192.168.1.69.1023: .
ack 2 win 16351 (DF)
21:34:04.914434 arp who-has 192.168.1.1 tell
192.168.1.144
21:34:24.855361 192.168.1.69.1023 > 192.168.1.1.22: S
2427261543:2427261543(0) win 32120 <mss
1460,sackOK,timestamp 8189731[|tcp]> (DF)
21:34:24.856460 192.168.1.1.22 > 192.168.1.69.1023: S
754452197:754452197(0) ack 2427261544 win 16352 <mss
1460>
21:34:24.856500 192.168.1.69.1023 > 192.168.1.1.22: .
ack 1 win 32120 (DF)
21:34:29.933376 192.168.1.1.22 > 192.168.1.69.1023: F
1:1(0) ack 1 win 16352
21:34:29.933408 192.168.1.69.1023 > 192.168.1.1.22: .
ack 2 win 32120 (DF) [tos 0x10]
21:34:29.933715 192.168.1.69.1023 > 192.168.1.1.22: F
1:1(0) ack 2 win 32120 (DF) [tos 0x10]
21:34:29.934936 192.168.1.1.22 > 192.168.1.69.1023: .
ack 2 win 16351 (DF)
17 packets received by filter
0 packets dropped by kernel
mass %
