Date: Fri, 26 Oct 2001 05:14:24 +0100 From: "Mark Hughes" <mark@dvdnews.co.uk> To: <freebsd-questions@FreeBSD.ORG> Subject: DSA authentication using SSH Message-ID: <001b01c15dd4$c5af8970$0200a8c0@mark2>
next in thread | raw e-mail | index | archive | help
I'm using freebsd 4.3-release, and trying to connect using DSA authentication through SSH from my freebsd box to a remote box which is a cobolt raq (spit!). I've created all the keys, copied the public keys, and all that....running ssh to the host in question gives: SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions 1.5/2.0. Compiled with SSL (0x0090600f). debug: Reading configuration data /home/mark/.ssh/config debug: Applying options for *digitalspy.co.uk debug: Reading configuration data /etc/ssh/ssh_config debug: ssh_connect: getuid 0 geteuid 0 anon 0 debug: Connecting to digitalspy.co.uk [216.12.209.2] port 22. debug: Allocated local port 1019. debug: Connection established. debug: Remote protocol version 2.0, remote software version OpenSSH_2.9p2 debug: no match: OpenSSH_2.9p2 Enabling compatibility mode for protocol 2.0 debug: Local version string SSH-2.0-OpenSSH_2.3.0 green@FreeBSD.org 20010321 debug: send KEXINIT debug: done debug: wait KEXINIT debug: got kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug: got kexinit: ssh-dss debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour debug: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,h mac-md5-96 debug: got kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,h mac-md5-96 debug: got kexinit: none,zlib debug: got kexinit: none,zlib debug: got kexinit: debug: got kexinit: debug: first kex follow: 0 debug: reserved: 0 debug: done debug: kex: server->client 3des-cbc hmac-sha1 none debug: kex: client->server 3des-cbc hmac-sha1 none debug: Sending SSH2_MSG_KEX_DH_GEX_REQUEST. debug: Wait SSH2_MSG_KEX_DH_GEX_GROUP. debug: Got SSH2_MSG_KEX_DH_GEX_GROUP. debug: bits set: 1007/2049 debug: Sending SSH2_MSG_KEX_DH_GEX_INIT. debug: Wait SSH2_MSG_KEX_DH_GEX_REPLY. debug: Got SSH2_MSG_KEXDH_REPLY. debug: Host 'digitalspy.co.uk' is known and matches the DSA host key. debug: bits set: 1014/2049 debug: len 55 datafellows 0 debug: dsa_verify: signature correct debug: Wait SSH2_MSG_NEWKEYS. debug: GOT SSH2_MSG_NEWKEYS. debug: send SSH2_MSG_NEWKEYS. debug: done: send SSH2_MSG_NEWKEYS. debug: done: KEX2. debug: send SSH2_MSG_SERVICE_REQUEST debug: service_accept: ssh-userauth debug: got SSH2_MSG_SERVICE_ACCEPT debug: authentications that can continue: publickey,password,keyboard-interactive debug: next auth method to try is publickey debug: try pubkey: /home/mark/.ssh/id_dsa debug: read DSA private key done debug: sig size 20 20 debug: authentications that can continue: publickey,password,keyboard-interactive debug: next auth method to try is publickey debug: no more auth methods to try Unable to find an authentication method debug: Calling cleanup 0x8058220(0x0) Now it looks to me as though something is going wrong after the key has been read - it doesn't even seem to be testing it before going on to the next attempted thing....is this a bug, or am I doing something wrong? Thanks in advance, Mark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001b01c15dd4$c5af8970$0200a8c0>