SSH gurus,
Has anyone succeeded in making F-Secure 4.0 connect to an OpenSSH 2.1.1
server using DSA key exchange and no password? I have had no luck doing so.
I stick the public key in ~/.ssh/authorized_keys2, but it never works. I
can connect fine using a password. I am very familiar with SSH, so your
answer can be very technical.
Version F-Secure 4.0 _does_ support the SSH2 protocol for certain. The
version is 4.0 build 19. I exported the public key and cut out the comment
lines. I then did a join on the other lines in vi so the key was all on one
line. My openssh version is openssh v2.1.1p1.
Neither can I get ssh 2.2.0 client for Windows to use DSA keys with OpenSSH.
Below is a debug of such a connection attempt. Can someone interpret what
is the meaning of "Failed publickey for ROOT from 10.15.50.186 port 3750
ssh2"...?
Thanks,
Fox
[EMAIL PROTECTED]
Senior Information Security Analyst
Paranoid American Corporation
debug: sshd version OpenSSH_2.1.1
debug: Seeding random number generator
debug: read DSA private key done
debug: Seeding random number generator
debug: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
debug: Seeding random number generator
debug: Seeding random number generator
RSA key generation complete.
debug: Server will not fork when running in debugging mode.
Connection from 10.15.50.186 port 3750
debug: Client protocol version 1.99; client software version 2.2.0 SSH
Secure Shell for Windows
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-1.99-OpenSSH_2.1.1
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit: diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour
debug: got kexinit: 3des-cbc,blowfish-cbc,twofish-cbc,arcfour
debug: got kexinit: hmac-md5,hmac-sha1
debug: got kexinit: hmac-md5,hmac-sha1
debug: got kexinit: none
debug: got kexinit: none
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 1
debug: reserved: 0
debug: done
debug: kex: client->server 3des-cbc hmac-md5 none
debug: kex: server->client 3des-cbc hmac-md5 none
debug: Wait SSH2_MSG_KEXDH_INIT.
debug: bits set: 519/1024
debug: bits set: 521/1024
debug: sig size 20 20
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: userauth-request for user rootcll service ssh-connection method none
debug: Starting up PAM with username "rootcll"
Failed none for ROOT from 10.15.50.186 port 3750 ssh2
debug: userauth-request for user rootcll service ssh-connection method
publickey
debug: keytype ssh-dss
debug: test key...
Failed publickey for ROOT from 10.15.50.186 port 3750 ssh2
debug: userauth-request for user rootcll service ssh-connection method none
Failed none for ROOT from 10.15.50.186 port 3750 ssh2
Received disconnect: 13: Authentication cancelled by user.
debug: Calling cleanup 0x804f230(0x0)
debug: Calling cleanup 0x805f2b0(0x0)
