From owner-freebsd-bugs Fri Jun 1 15:10:11 2001 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D6C2837B42C for ; Fri, 1 Jun 2001 15:10:03 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f51MA3V16636; Fri, 1 Jun 2001 15:10:03 -0700 (PDT) (envelope-from gnats) Date: Fri, 1 Jun 2001 15:10:03 -0700 (PDT) Message-Id: <200106012210.f51MA3V16636@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: Archie Cobbs Subject: Re: bin/27821: can't do RSA login via ssh to root account Reply-To: Archie Cobbs Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR bin/27821; it has been noted by GNATS. From: Archie Cobbs To: Bill Fenner Cc: freebsd-gnats-submit@freebsd.org Subject: Re: bin/27821: can't do RSA login via ssh to root account Date: Fri, 01 Jun 2001 15:01:18 -0700 Bill Fenner wrote: > I admit I used my one and only RSA key, but I did use a custom DSA key. > I removed all the keys from my agent, then readded them with my normal > DSA key first, and it tried both: > > mango% ssh-add -l > 1024 91:30:d8:8d:e6:5d:65:3d:95:1a:81:57:41:8c:2c:3b William C. Fenner > 1024 b2:79:a8:38:8a:73:db:3e:60:56:d6:83:95:72:e7:85 /home/fenner/.ssh/id_dsa > 1024 ba:95:7d:6e:74:f8:ac:28:5c:29:43:96:d3:90:8a:20 /home/fenner/.ssh/id_dsa-cubix > mango% ssh -v -2 -l root cubix01 > SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions 1.5/2.0. > Compiled with SSL (0x0090600f). > ... > debug: authentications that can continue: publickey,password > debug: next auth method to try is publickey > debug: trying DSA agent key /home/fenner/.ssh/id_dsa > debug: authentications that can continue: publickey,password > debug: next auth method to try is publickey > debug: trying DSA agent key /home/fenner/.ssh/id_dsa-cubix > debug: ssh-userauth2 successfull: method publickey > ... Yep, the '-2' flag is what makes it work. Oh, maybe that makes sense, I'm using a DSA key.. are they only supported by version 2? I thought that ssh+sshd would automatically negotiate version 2 but maybe I assume too much. -Archie __________________________________________________________________________ Archie Cobbs * Packet Design * http://www.packetdesign.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message