Hi James,
Ugh, the ssh-pubkeymgr has been fixed so it won't be doing stupid things like setting
your hostname to "-s". It should be fixed in the next release.
Again, sorry about that.
Let me know if you need any help with it.
-Anne
On Thu, Feb 15, 2001 at 10:13:15AM -0500, James R. Frysinger wrote:
> Yesterday I was installing SSH2 (2.4.0) on an Ultra10 station running
> Solaris 7 in order to replace the previous version of SSH2 (2.0.13).
> This was being done in an attempt to solve the problem with this machine
> hosting scp2 callups, which resulted in error messages stating
> scp2: warning: ssh_packet_wrapper_input: invalid packet
> received: len1232347245
> and a "hung" process that could be escaped only by ^C or (perhaps)
> timeout. The callups had been from other machines running linux and
> version 2.4.0, so I thought there was perhaps a compatibility problem.
>
> I have four accounts on the Ultra10 and all of them need SSH2
> capability. After downloading the source file as one of the users
> (frysingj), I su'd to root and successfully ran configure, make, and
> make install. I then ran ssh-keygen2 and ssh-pubkeymgr while su'd to
> root. After exiting to my user persona (frysingj), I tested scp2 and got
> warnings about the public key for frysingj being missing. I reran
> ssh-keygen2 and ssh-pubkeymgr as frysingj and those warnings were no
> longer received. However, I found I could scp2 out to the linux stations
> but they could not scp2 in to the Ultra10, the same packet warning and
> "hang" as above being the result. Also, I noticed that the host name in
> my prompt line changed from the machine's host name to -s but it did not
> occur to me that this was a big problem.
>
> After logging out and taking a lunch break, I attempted to log back in
> and found that the Ultra10 had major problems; apparently the hostname
> in the computer had been lost or damaged. This problem prevents logins
> either directly or remotely, by user or by root. We are currently
> attempting to rebuild the file system without losing too much data since
> our last backup. Nuts!
>
> So I have a few questions:
> 1. Should I have installed SSH2 as root in order to allow all user
> accounts to use it?
> 2. Should I have run the keygen and pubkeymgr scripts as root?
> 3. Assuming the answers to 1 and 2 are "yes", should each user account
> run the keygen and pubkeymgr programs to build their own ~/.ssh2
> contents?
> [Aside: The online directions merely state that
> after installation, one should "set up the following
> files". It is not clear to me whether those actions
> should be done as root or as a user nor, in all
> cases, just how one does set them up--other than
> running the keygen and pubkeymger scripts.]
> 4. How can I safely install SSH2 without killing the Solaris operating
> system?
> 5. Since the packet length problem is apparently NOT due to
> incompatibility between 2.4.0 and previous versions of SSH2, what causes
> it and how can it be fixed?
>
> I hope someday to get past all this exercise as a unix system
> administrator and security manager to get back to doing the meteorology
> research I intended to do in the first place.
>
> Jim Frysinger
> also at: [EMAIL PROTECTED]
> http://www.cofc.edu/~frysingj
>
> --
> Metric Methods(SM) "Don't be late to metricate!"
> James R. Frysinger, CAMS http://www.metricmethods.com/
> 10 Captiva Row e-mail: [EMAIL PROTECTED]
> Charleston, SC 29407 phone/FAX: 843.225.6789
------------------------------------------------------------------------
Anne Carasik | An unsophisticated forecaster uses
Principal Security Consultant | statistics as a drunken man uses
SSH Communications Security, Inc. | lamp-posts - for support rather than
Email: [EMAIL PROTECTED] | for illumination. -Andrew Lang
------------------------------------------------------------------------
Unless stated otherwise above, the opinions expressed herein are my own,
not of my employer.
PGP signature
