From owner-freebsd-security  Tue Jan 15  6:55:34 2002
Delivered-To: freebsd-security@freebsd.org
Received: from crimelords.org (crimelords.org [199.233.213.8])
	by hub.freebsd.org (Postfix) with ESMTP id 13D8637B41A
	for <freebsd-security@FreeBSD.ORG>; Tue, 15 Jan 2002 06:55:23 -0800 (PST)
Received: from localhost (admin@localhost)
	by crimelords.org (8.11.6/8.11.6) with ESMTP id g0FEm7l93937
	for <freebsd-security@FreeBSD.ORG>; Tue, 15 Jan 2002 08:48:07 -0600 (CST)
	(envelope-from admin@crimelords.org)
Date: Tue, 15 Jan 2002 08:48:07 -0600 (CST)
From: admin <admin@crimelords.org>
To: freebsd-security@FreeBSD.ORG
Subject: Openssh btwn linux/bsd..
Message-ID: <Pine.BSF.4.44.0201150842360.93908-100000@crimelords.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

I ran into an issue (from only one slackware box) with S/Key
authentication, wondered if anyone else sees this.  The owner of the other
box sent the question to openssh and the following is the answer..

--------------------------------------------------------------------------
> The above version of OpenSSH seems to work fine most of the time, but
>when
> I connect to one server in particular I get a very odd looking login
> prompt:
>
> pts/0::mugz!xm[~] ssh -l mugz <host-name-omitted>
> otp-md5 414 cr6003 ext
> S/Key Password:
> otp-md5 265 cr4395 ext
> S/Key Password:
> otp-md5 332 cr9989 ext
> S/Key Password:
> user@host-name-omitted password:
>
> I enter my password 3 times in a row at this prompt, and then i get a
> "normal" login prompt and can login, whats up with this?

ssh -o preferredauthentications=password

This is (at least) caused by the fact that FreeBSD people have broken all
setups without skey in use.  It happened a few months ago with their FTP
daemon, now it's happening with sshd.

-- 
Pekka Savola                 "Tell me of difficulties surmounted,
Netcore Oy                   not those you stumble over and fall"
Systems. Networks. Security.  -- Robert Jordan: A Crown of Swords



------------------------------------------------------------------------

The freebsd is running :
  SSH Version OpenSSH_2.3.0 FreeBSD localisations 20010713, protocol
versions 1.5/2.0.
Compiled with SSL (0x0090601f).


The slack box is running :
  OpenSSH_3.0.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f

Just a heads up if your users start asking about this, plus wanted to see
if anyone had come across this before?

--emacs


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message