I've installed OpenSSH 2.9p1 on two hosts and I am trying to ssh from
one to the other with rhost authentication. Something appears to be
wrong with the client side as I can do this rhost auth with a ssh1.2.27
client. Any help would be appreciated.
/opt/openssh-2.9p1/etc/ssh_config on client is:
ForwardX11 yes
RhostsAuthentication yes
/opt/openssh-2.9p1/etc/sshd_config on server is:
Port 22
IgnoreRhosts no
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
KeepAlive yes
SyslogFacility AUTH
LogLevel INFO
RhostsAuthentication yes
RSAAuthentication yes
PasswordAuthentication yes
PermitEmptyPasswords no
Subsystem sftp /opt/openssh-2.9p1/libexec/sftp-server
When I run ssh -v I notice that Rhosts Auth is disabled. Regardless if
I change this setting in ssh_config or not. I've even tried changing
the protocol to ssh1 in ssh_config and its still disabled. Is this a
bug with OpenSSH-2.9p1 or am I doing something else wrong?
Here is some output with :
/opt/ssh/bin/ssh -v juneau
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /opt/openssh-2.9p1/etc/ssh_config
debug1: Seeded RNG with 40 bytes from programs
debug1: Seeded RNG with 3 bytes from system calls
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1412 geteuid 0 anon 1
debug1: Connecting to juneau [X.X.X.X] port 22.
debug1: temporarily_use_uid: 1412/67 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 1412/67 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/cs/newton/.ssh/identity type -1
debug1: identity file /home/cs/newton/.ssh/id_rsa type -1
debug1: identity file /home/cs/newton/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_2.9p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 122/256
debug1: bits set: 1088/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'juneau' is known and matches the RSA host key.
debug1: Found key in /home/cs/newton/.ssh/known_hosts2:1
debug1: bits set: 1027/2049
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try privkey: /home/cs/newton/.ssh/identity
debug1: try privkey: /home/cs/newton/.ssh/id_rsa
debug1: try privkey: /home/cs/newton/.ssh/id_dsa
debug1: next auth method to try is password
newton@juneau's password:
Here I change the client to force ssh protocol 1:
/opt/ssh/bin/ssh -v juneau
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /opt/openssh-2.9p1/etc/ssh_config
debug1: Seeded RNG with 39 bytes from programs
debug1: Seeded RNG with 3 bytes from system calls
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 1412 geteuid 0 anon 1
debug1: Connecting to juneau [X.X.X.X] port 22.
debug1: temporarily_use_uid: 1412/67 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 1412/67 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /home/cs/newton/.ssh/identity type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'juneau' is known and matches the RSA1 host key.
debug1: Found key in /home/cs/newton/.ssh/known_hosts:5
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.
newton@juneau's password:
--
Jeff Newton
