From owner-freebsd-questions@FreeBSD.ORG Wed Nov 7 16:33:11 2007 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4006916A417 for ; Wed, 7 Nov 2007 16:33:11 +0000 (UTC) (envelope-from jamesh@lanl.gov) Received: from mailwasher.lanl.gov (mailwasher.lanl.gov [204.121.3.2]) by mx1.freebsd.org (Postfix) with ESMTP id 0728A13C4B8 for ; Wed, 7 Nov 2007 16:33:10 +0000 (UTC) (envelope-from jamesh@lanl.gov) Received: from mailrelay1.lanl.gov (mailrelay1.lanl.gov [128.165.4.101]) by mailwasher.lanl.gov (8.13.8/8.13.8/(ccn-5)) with ESMTP id lA7GX29n020386; Wed, 7 Nov 2007 09:33:02 -0700 Received: from oppie-mail.lanl.gov (oppie-mail.lanl.gov [128.165.4.123]) by mailrelay1.lanl.gov (8.13.8/8.13.8/(ccn-5)) with ESMTP id lA7GX1rJ006874; Wed, 7 Nov 2007 09:33:01 -0700 Received: from [128.165.86.10] (secretariat.lanl.gov [128.165.86.10]) by oppie-mail.lanl.gov (Postfix) with ESMTP id 57BD01F8004; Wed, 7 Nov 2007 09:32:57 -0700 (MST) From: James To: Juri Mianovich In-Reply-To: <189342.33696.qm@web45611.mail.sp1.yahoo.com> References: <189342.33696.qm@web45611.mail.sp1.yahoo.com> Organization: Los Alamos National Laboratories Date: Wed, 07 Nov 2007 16:32:56 -0700 Message-Id: <1194478376.29601.21.camel@secretariat.lanl.gov> Mime-Version: 1.0 X-Mailer: Evolution 2.10.3 FreeBSD GNOME Team Port X-CTN-5-MailScanner-Information: Please see http://network.lanl.gov/email/virus-scan.php X-CTN-5-MailScanner: Found to be clean X-CTN-5-MailScanner-From: jamesh@lanl.gov X-Spam-Status: No Content-Type: text/plain Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: problems with old SSH client and X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: jamesh@lanl.gov List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Nov 2007 16:33:11 -0000 On Wed, 2007-11-07 at 07:53 -0800, Juri Mianovich wrote: > I have a machine with an older SSH client on it and I > am trying to connect to my 6.2-RELEASE system. > What operating system is the older machine running (I assume FreeBSD, and I assume 6.2 stable, but want to be sure). What version of ssh is running on the older machine? > I have changed the default line of: > > Protocol 2 > > to: > > Protocol 2,1 > > in /etc/ssh/sshd_config > > and now, from another modern FreeBSD system, I can > successfully log in with this command: > > ssh -1 -c 3des user@host > However, the older client, when using the exact same > command, gets this error: You're logging in from the modern machine to the older-ssh-version machine successfully, but unable to use the older-ssh-version to ssh out of the computer, then? Do you have any DNS issues interfering? It looks from your log like you're trying to connect straight to an IP address, but I want to make sure. 3des is the default cypher; I don't believe you need to specify it. Try sshing out with the -v flag, get a nice, verbose output. Also, I'm confused. Why are you forcing the older ssh version to connect to new ones via version 1 of the protocol? Surely they support version 2? My very first instinct here would be to try: ssh -v user@host and see what happens. > > > 06 Oct - 17:43:35[] ()ssh's main <0> debug2: > ssh_connect: needpriv 0^M > 06 Oct - 17:43:37[] ()ssh's main <0> debug1: > Connecting to hostname [10.10.10.10] port 22.^M > > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: > Connection established.^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: identity > file /etc/ssh/identity type -1^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Remote > protocol version 1.99, remote software version > OpenSSH_4.5p1^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: match: > OpenSSH_4.5p1 pat OpenSSH*^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Local > version string SSH-1.5-OpenSSH_3.7.1p2^M > > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Waiting > for server public key.^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Received > server public key (768 bits) and host key (1024 > bits).^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug3: > check_host_in_hostfile: filename > /etc/ssh/known_hosts^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug3: > check_host_in_hostfile: match line 1^M > > 06 Oct - 17:43:38[] ()ssh's main <0> debug3: > check_host_in_hostfile: filename > /etc/ssh/known_hosts^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug3: > check_host_in_hostfile: match line 1^M > > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Host > 'hostname' is known and matches the RSA1 host key.^M > > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Found key > in /etc/ssh/known_hosts:1^M > 06 Oct - 17:43:38[] ()ssh's main <0> fatal: Selected > cipher type 3des not supported by server.^M > > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Calling > cleanup 0x44598ec0(0x0)^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: Calling > cleanup 0x4458c630(0x0)^M > 06 Oct - 17:43:38[] ()ssh's main <0> debug3: > DecrementThreadCount() Thread count is now 1^M > > 06 Oct - 17:43:38[] ()ssh's main <0> debug1: > sshExit(0) calling SSH_Exit()^M > > > any ideas ? > > __________________________________________________ > Do You Yahoo!? > Tired of spam? Yahoo! Mail has the best spam protection around > http://mail.yahoo.com > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"