From owner-freebsd-bugs  Fri Jun  1 15:10:11 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id D6C2837B42C
	for <freebsd-bugs@hub.freebsd.org>; Fri,  1 Jun 2001 15:10:03 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.1/8.11.1) id f51MA3V16636;
	Fri, 1 Jun 2001 15:10:03 -0700 (PDT)
	(envelope-from gnats)
Date: Fri, 1 Jun 2001 15:10:03 -0700 (PDT)
Message-Id: <200106012210.f51MA3V16636@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Archie Cobbs <archie@packetdesign.com>
Subject: Re: bin/27821: can't do RSA login via ssh to root account
Reply-To: Archie Cobbs <archie@packetdesign.com>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR bin/27821; it has been noted by GNATS.

From: Archie Cobbs <archie@packetdesign.com>
To: Bill Fenner <fenner@research.att.com>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: bin/27821: can't do RSA login via ssh to root account
Date: Fri, 01 Jun 2001 15:01:18 -0700

 Bill Fenner wrote:
 > I admit I used my one and only RSA key, but I did use a custom DSA key.
 > I removed all the keys from my agent, then readded them with my normal
 > DSA key first, and it tried both:
 > 
 > mango% ssh-add -l
 > 1024 91:30:d8:8d:e6:5d:65:3d:95:1a:81:57:41:8c:2c:3b William C. Fenner
 > 1024 b2:79:a8:38:8a:73:db:3e:60:56:d6:83:95:72:e7:85 /home/fenner/.ssh/id_dsa
 > 1024 ba:95:7d:6e:74:f8:ac:28:5c:29:43:96:d3:90:8a:20 /home/fenner/.ssh/id_dsa-cubix
 > mango% ssh -v -2 -l root cubix01
 > SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions 1.5/2.0.
 > Compiled with SSL (0x0090600f).
 > ...
 > debug: authentications that can continue: publickey,password
 > debug: next auth method to try is publickey
 > debug: trying DSA agent key /home/fenner/.ssh/id_dsa
 > debug: authentications that can continue: publickey,password
 > debug: next auth method to try is publickey
 > debug: trying DSA agent key /home/fenner/.ssh/id_dsa-cubix
 > debug: ssh-userauth2 successfull: method publickey
 > ...
 
 Yep, the '-2' flag is what makes it work. Oh, maybe that makes sense,
 I'm using a DSA key.. are they only supported by version 2? I thought
 that ssh+sshd would automatically negotiate version 2 but maybe I assume
 too much.
 
 -Archie
 
 __________________________________________________________________________
 Archie Cobbs     *     Packet Design     *     http://www.packetdesign.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message