From owner-freebsd-bugs Mon May 27 19:40:26 2002
Message-Id: <200205280233.g4S2XboH084882@www.freebsd.org>
Date: Mon, 27 May 2002 19:33:37 -0700 (PDT)
From: Andrew.P.Lentvorski@www.freebsd.org, "Jr."
To: freebsd-gnats-submit@FreeBSD.org
X-Send-Pr-Version: www-1.0
Subject: bin/38643: ssh doesn't fail over from protocol 1 to protocol 2
Sender: owner-freebsd-bugs@FreeBSD.ORG

>Number:         38643
>Category:       bin
>Synopsis:       ssh doesn't fail over from protocol 1 to protocol 2
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon May 27 19:40:02 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     Andrew P. Lentvorski, Jr.
>Release:        4.5-RELEASE
>Organization:
>Environment:
FreeBSD taz.allcaps.org 4.5-RELEASE FreeBSD 4.5-RELEASE #0: Mon Jan 28 14:31:56 GMT 2002 murray@builder.freebsdmall.com:/usr/src/sys/compile/GENERIC i386
>Description:
When using dsa public keys to log into a remote system, ssh is supposed to try using protocol 1 and then use protocol 2 if that fails. In the ssh_config file the relevant line is "Protocol 1,2"

However, the rollover never occurs and the login simply fails.
>How-To-Repeat:
Default FreeBSD install. Attempt to log into another machine with ssh using only dsa public keys. It will fail.
>Fix:
Change the line "Protocol 1,2" to "Protocol 2,1" in the ssh_config file or use -2 on the ssh command line.

However, it is unclear whether "Protocol 2,1" fixes the problem or whether it just hides the problem by trying protocol 2 first and would fail if someone attempted to use protocol 1 for public key login.
>Release-Note:
>Audit-Trail:
>Unformatted:
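
An added example, not part of the report and not OpenSSH code: a simplified model of how a client with a `Protocol` preference list settles on one version from the server's banner before any key is offered, and which key types exist in that version. The function names, the banner string and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Simplified model (assumption): the protocol version is chosen once, from the
# server's identification string, and authentication then runs inside it.

# Read ssh_config-style text on stdin; print the first active Protocol value.
protocol_pref() {
    awk 'tolower($1) == "protocol" { print $2; exit }'
}

# negotiate PREF BANNER: print the version (1 or 2) the client would speak,
# or "none" if the preference list and the server have nothing in common.
negotiate() {
    remote=${2#SSH-}        # "SSH-1.99-OpenSSH_2.9" -> "1.99-OpenSSH_2.9"
    remote=${remote%%-*}    # -> "1.99"
    case $remote in
        1.99) offered="1 2" ;;   # server speaks both versions
        2.*)  offered="2" ;;
        1.*)  offered="1" ;;
        *)    echo none; return 0 ;;
    esac
    # Walk the client's list in order; the first version the server offers wins.
    for want in $(printf '%s' "$1" | tr ',' ' '); do
        for have in $offered; do
            if [ "$want" = "$have" ]; then echo "$want"; return 0; fi
        done
    done
    echo none
}

# key_usable PROTO KEYTYPE: succeed if that key type exists in that protocol.
# rsa1 keys belong to protocol 1; dsa and rsa keys belong to protocol 2.
key_usable() {
    case "$1:$2" in
        1:rsa1|2:dsa|2:rsa) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample: the config line quoted in the report and a made-up
# banner from a server that accepts both protocol versions.
demo() {
    pref=$(printf '# constructed sample\nHost *\n  Protocol 1,2\n' | protocol_pref)
    for p in "$pref" 2,1; do
        v=$(negotiate "$p" "SSH-1.99-OpenSSH_2.9")
        if key_usable "$v" dsa; then r="dsa key can be offered"; else r="dsa key is never offered"; fi
        echo "Protocol $p -> version $v: $r"
    done
}
demo
```

To check a real client configuration, feed it on stdin, for example `protocol_pref < /etc/ssh/ssh_config`.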