From: David Wolfskill <david@catwhisker.org>
Date: Sat, 12 May 2001 22:40:35 -0700 (PDT)
To: current@freebsd.org
Subject: ssh public key auth. incompatible between 2.3.0 vs. 2.9?
Message-Id: <200105130540.f4D5eZl71004@bunrab.catwhisker.org>

OK; there's something about the (relatively) new ssh (2.9) in -CURRENT I'm not understanding. I have hunted around for some clues (via man pages & the like), but it could well be that I'm still failing to notice something -- quite possibly something that should be obvious to even me -- and I welcome a clue.

Basically, the setup I use in -STABLE, where I'm able to use my public/private key pair for authentication, is not working in -CURRENT. (ssh in -CURRENT is reverting to password authentication.)

On the machine (my laptop, where I have been tracking both -STABLE and -CURRENT daily for the past 1.5 months or so, and each environment has its own / and /usr, but /usr/local, /var, and my home directory are common -- as is the local CVS repository), I have it set up to start X (4.0.3) via xdm. Thus, my ~/.xsession script is run when I login. The first part of that script reads:

#! /bin/csh
# Only bother when an askpass helper is available: under xdm there is
# no tty on which ssh-add could prompt for the passphrase.
if { test -x `which ssh-askpass` } then
    eval `ssh-agent`
    ssh-add
    set ssh_test = `ssh-add -l` || exit 1
    # A loaded key shows up in "ssh-add -l" with its user@host comment;
    # no '@' means nothing was added, so end the session.
    echo "$ssh_test" | grep '@' >/dev/null
    if ( $? ) then
        echo "What part of 'Need passphrase' don't you understand?"
        exit 2
    endif
endif
set in_xdm = "1"
source ~/.cshrc
....

(I do *not* normally use csh for script-writing. However, since I use it (well, tcsh) as my normal shell, there are some advantages to having the ssh-agent stuff use csh semantics. And it allows a bit more consistency for figuring out things like my customized execution path. And prior to ssh 2.9 in -CURRENT, this was also working in -CURRENT...
but it took a couple of days for things to get to a reasonably steady state for ssh 2.9 in -CURRENT, which is why I didn't write about this earlier: I figured it's sufficiently messy that it was a little premature to do that just yet. But I certainly want folks to be aware of what is going on, now that I've started seeing requests to MFC ssh 2.9.)

Now, as noted, my home directory is common between the 2 environments, so I have a high degree of confidence that the files look the same from either environment. And I built the first -CURRENT environment from FreeBSD 4.3-STABLE near the 2nd week of March; that part's been tracking -CURRENT since... and this was after /etc/ssh had been populated originally, so the host keys are the same.

Here's /etc/ssh on the -STABLE side:

dhcp-140[1] ls -la /S1/etc/ssh
total 37
drwxr-xr-x   2 root  wheel    512 May  3 06:57 .
drwxr-xr-x  17 root  wheel   2560 May 12 07:07 ..
-rw-r--r--   1 root  wheel  26346 May  3 06:57 primes
-rw-r--r--   1 root  wheel    976 Mar  6 07:46 ssh_config
-rw-------   1 root  wheel    668 Mar  6 09:33 ssh_host_dsa_key
-rw-r--r--   1 root  wheel    595 Mar  6 09:33 ssh_host_dsa_key.pub
-rw-------   1 root  wheel    520 Mar  6 09:33 ssh_host_key
-rw-r--r--   1 root  wheel    324 Mar  6 09:33 ssh_host_key.pub
-rw-r--r--   1 root  wheel   1480 Mar  6 07:46 sshd_config
dhcp-140[2]

and the -CURRENT side:

dhcp-140[2] ls -la /etc/ssh
total 39
drwxr-xr-x   2 root  wheel    512 May  9 10:18 .
drwxr-xr-x  16 root  wheel   2560 May 11 09:56 ..
-rw-r--r--   1 root  wheel  26346 Mar 27 08:01 primes
-rw-r--r--   1 root  wheel    909 Mar  7 21:29 ssh_config
-rw-------   1 root  wheel    668 Mar  6 09:33 ssh_host_dsa_key
-rw-r--r--   1 root  wheel    595 Mar  6 09:33 ssh_host_dsa_key.pub
-rw-------   1 root  wheel    520 Mar  6 09:33 ssh_host_key
-rw-r--r--   1 root  wheel    324 Mar  6 09:33 ssh_host_key.pub
-rw-------   1 root  wheel    529 May  9 10:18 ssh_host_rsa_key
-rw-r--r--   1 root  wheel    333 May  9 10:18 ssh_host_rsa_key.pub
-rw-r--r--   1 root  wheel   1776 May  6 09:41 sshd_config
dhcp-140[3]

and in particular:

dhcp-140[3] sudo cmp {/S1,}/etc/ssh/ssh_host_key
Password:
dhcp-140[4] sudo cmp {/S1,}/etc/ssh/ssh_host_key.pub
dhcp-140[5] sudo cmp {/S1,}/etc/ssh/ssh_config
/S1/etc/ssh/ssh_config /etc/ssh/ssh_config differ: char 196, line 5
dhcp-140[6] sudo diff -u {/S1,}/etc/ssh/ssh_config
--- /S1/etc/ssh/ssh_config Tue Mar 6 07:46:45 2001 +++ /etc/ssh/ssh_config Wed Mar 7 21:29:09 2001
@@ -2,7 +2,7 @@ # defaults for users, and the values can be changed in per-user configuration # files or on the command line. # -# $FreeBSD: src/crypto/openssh/ssh_config,v 1.6 2000/09/10 09:35:38 kris Exp $ +# $FreeBSD$ # Configuration data is parsed as follows: # 1. command line options
dhcp-140[7]

OK; I *think* that's a difference that ought not be relevant to the issue I'm seeing.... :-}

[Sorry if things get disjointed at this point. My laptop re-booted; as far as I know, I had just hit the "A" key. The /var filesystem needed a manual fsck, which I did, then I re-booted. It seems to have done Kirk's "background fsck" magic OK; I HUPped the process (which was still hanging around on the machine where I was composing this note) and recovered the buffer up to this parenthetical comment. dhw]

So, I tried an experiment to illustrate the issue. I booted -CURRENT, and (under script) issued an "ssh -v bunrab". I then booted -STABLE, and did it again (using a different filename). I then edited the script files: I removed all of the ^Ms, and I then (in order to reduce the number of irrelevant mis-matches) changed all of the "^debug: " lines in the -STABLE file to read "^debug1: " instead. (License, I know. I'm happy to provide complete files, but this is quite long enough as it is.)

Here's the diff output:

--- ssh-stable Sat May 12 19:45:54 2001 +++ ssh-current Sat May 12 19:43:03 2001
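Review bot: the only change in this hunk is the RCS keyword line inside a comment (`# $FreeBSD: src/crypto/openssh/ssh_config,v 1.6 ...` versus `# $FreeBSD$`), so the client-side ssh_config is functionally identical on both sides and can be ruled out as the cause of the fallback to password authentication; the comparison that matters for this problem is the client behaviour in the ssh -v transcripts that follow, not this file.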
@@ -1,34 +1,61 @@ -Script started on Sat May 12 19:35:12 2001 +Script started on Sat May 12 19:40:40 2001 dhcp-140[1] ssh -v bunrab -SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol versions 1.5/2.0. -Compiled with SSL (0x0090600f). +OpenSSH_2.9 green@FreeBSD.org 20010503, SSH protocols 1.5/2.0, OpenSSL 0x00906010 debug1: Reading configuration data /etc/ssh/ssh_config +debug1: Rhosts Authentication disabled, originating port will not be trusted. +debug1: restore_uid debug1: ssh_connect: getuid 1001 geteuid 1001 anon 1 debug1: Connecting to bunrab.catwhisker.org [172.16.8.11] port 22. +debug1: temporarily_use_uid: 1001/20 (e=1001) +debug1: restore_uid +debug1: temporarily_use_uid: 1001/20 (e=1001) +debug1: restore_uid debug1: Connection established. +debug1: identity file /home/david/.ssh/identity type 0 +debug1: identity file /home/david/.ssh/id_rsa type -1 +debug1: identity file /home/david/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version 2.0.12 (non-commercial) debug1: match: 2.0.12 (non-commercial) pat ^2\.0\. - -debug1: Local version string SSH-1.5-OpenSSH_2.3.0 green@FreeBSD.org 20010321 -debug1: Waiting for server public key. -debug1: Received server public key (768 bits) and host key (1024 bits). -debug1: Host 'bunrab' is known and matches the RSA host key. -debug1: Encryption type: 3des -debug1: Sent encrypted session key. -debug1: Installing crc compensation attack detector. -debug1: Received encrypted confirmation. -debug1: Trying RSA authentication via agent with 'david@dhcp-135.catwhisker.org' -debug1: Received RSA challenge from server. -debug1: Sending response to RSA challenge. -debug1: Remote: RSA authentication accepted. -debug1: RSA authentication accepted by server. -debug1: Requesting pty. -debug1: Requesting shell. 
+Enabling compatibility mode for protocol 2.0 +debug1: Local version string SSH-2.0-OpenSSH_2.9 green@FreeBSD.org 20010503 +debug1: SSH2_MSG_KEXINIT sent +debug1: SSH2_MSG_KEXINIT received +debug1: kex: server->client 3des-cbc hmac-md5 none +debug1: kex: client->server 3des-cbc hmac-md5 none +debug1: dh_gen_key: priv key bits set: 210/384 +debug1: bits set: 544/1024 +debug1: sending SSH2_MSG_KEXDH_INIT +debug1: expecting SSH2_MSG_KEXDH_REPLY +debug1: Host 'bunrab.catwhisker.org' is known and matches the DSA host key. +debug1: Found key in /home/david/.ssh/known_hosts2:1 +debug1: bits set: 493/1024 +debug1: len 40 datafellows 8831 +debug1: ssh_dss_verify: signature correct +debug1: kex_derive_keys +debug1: newkeys: mode 1 +debug1: SSH2_MSG_NEWKEYS sent +debug1: waiting for SSH2_MSG_NEWKEYS +debug1: newkeys: mode 0 +debug1: SSH2_MSG_NEWKEYS received +debug1: done: ssh_kex2. +debug1: send SSH2_MSG_SERVICE_REQUEST +debug1: buggy server: service_accept w/o service +debug1: got SSH2_MSG_SERVICE_ACCEPT +debug1: authentications that can continue: publickey,password +debug1: next auth method to try is publickey +debug1: try privkey: /home/david/.ssh/id_rsa +debug1: try privkey: /home/david/.ssh/id_dsa +debug1: next auth method to try is password +david@bunrab.catwhisker.org's password: +debug1: ssh-userauth2 successful: method password +debug1: channel 0: new [client-session] +debug1: channel_new: 0 +debug1: send channel open 0 debug1: Entering interactive session. -Last login: Sat May 12 19:34:38 2001 from dhcp-140 -Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 - The Regents of the University of California. All rights reserved. - +debug1: client_init id 0 arg 0 +debug1: channel request 0: shell +debug1: channel 0: open confirm rwindow 10000 rmax 16384 +Last login: Sat May 12 19:35:26 2001 FreeBSD 3.2-RELEASE (BUNRAB) #3: Sun Apr 30 19:44:37 PDT 2000 Welcome to FreeBSD! You will find security advisories and updated 
@@ -51,11 +78,25 @@ configuration utility. Edit /etc/motd to change this login announcement. You have mail. -bunrab[1] ^Dexit -Connection to bunrab closed. -debug1: Transferred: stdin 0, stdout 1201, stderr 30 bytes in 1.7 seconds -debug1: Bytes per second: stdin 0.0, stdout 712.8, stderr 17.8 +bunrab[1] ^Ddebug1: client_input_channel_req: channel 0 rtype exit-status reply 0 +debug1: channel 0: rcvd close +debug1: channel 0: output open -> drain +debug1: channel 0: input open -> closed +debug1: channel 0: close_read +exit +debug1: channel 0: obuf empty +debug1: channel 0: output drain -> closed +debug1: channel 0: close_write +debug1: channel 0: send close +debug1: channel 0: is dead +debug1: channel_free: channel 0: status: The following connections are open: + #0 client-session (t4 r0 i8/0 o128/0 fd -1/-1) + +debug1: channel_free: channel 0: dettaching channel user +Connection to bunrab.catwhisker.org closed. +debug1: Transferred: stdin 0, stdout 0, stderr 45 bytes in 7.6 seconds +debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 6.0 debug1: Exit status 0 dhcp-140[2] ^Dexit -Script done on Sat May 12 19:35:46 2001 +Script done on Sat May 12 19:41:02 2001

So I note a couple of salient things that show up:

* Under ssh 2.9 (but not 2.3.0), the ssh server on bunrab engenders the line "debug1: buggy server: service_accept w/o service".

* Under ssh 2.9, ssh appears to be looking for my private key in /home/david/.ssh/id_rsa, then /home/david/.ssh/id_dsa. Now, I never had either of those files; what I have in ~/.ssh is:

-rw-------  1 david  wheel   544 Mar 27 08:55 identity
-rw-rw-r--  1 david  wheel   348 Mar 23 19:06 identity.pub
-rw-r--r--  1 david  wheel  5792 May 10 13:31 known_hosts
-rw-r--r--  1 david  wheel  3035 May  9 10:21 known_hosts2

I tried making "identity" a (hard) link to first id_rsa, then id_dsa, and re-tried the experiment. The only difference I saw was that if id_rsa existed (as a link to identity), ssh didn't claim it was trying to use it; same for id_dsa.
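Review bot: the decisive difference in the first hunk of the ssh -v diff is the protocol version, not the key files. The -STABLE client announced `debug1: Local version string SSH-1.5-OpenSSH_2.3.0 ...` and authenticated via "Trying RSA authentication via agent", which is protocol 1 RSA authentication; the -CURRENT client, seeing the server advertise protocol 1.99, announced `debug1: Local version string SSH-2.0-OpenSSH_2.9 ...`, ran the protocol 2 key exchange, and under the publickey method tried only /home/david/.ssh/id_rsa and /home/david/.ssh/id_dsa (both reported as "type -1", i.e. absent) before falling back to password. The line `debug1: identity file /home/david/.ssh/identity type 0` shows the existing key was read, but it is the protocol 1 key, and a protocol 2 session never offers it, which is also why hard-linking it to id_rsa or id_dsa changed nothing. The "buggy server: service_accept w/o service" line is a compatibility workaround selected from the remote "2.0.12 (non-commercial)" version string (the "datafellows" flags), not an authentication failure. To confirm, force protocol 1 on the -CURRENT client (the `-1` option) and check whether the agent RSA path returns; a protocol 2 login needs a protocol 2 key pair generated separately from ~/.ssh/identity.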
So basically, I'm confused. ssh appears to work ok for password authentication, but not for public key authentication -- or at least, it doesn't appear to be (completely?) compatible with ssh 2.3.0. Or maybe I'm overlooking something...?

Help?

Thanks,

-- 
David H. Wolfskill				david@catwhisker.org
As a computing professional, I believe it would be unethical for me to
advise, recommend, or support the use (save possibly for personal
amusement) of any product that is or depends on any Microsoft product.
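The protocol mismatch visible in the two transcripts above can be picked out mechanically. The following triage script is an added example, not part of the post or of OpenSSH: it reads the debug1 lines an `ssh -v` run prints (here a constructed sample modelled on the -CURRENT transcript), reports the protocol the client announced, the identity files it actually tried and the method that finally succeeded, and flags a protocol 1 key that a protocol 2 session left unused. It assumes the OpenSSH 2.9-era message texts shown in the post, that "type 0" in the identity-file line denotes the protocol 1 RSA key (KEY_RSA1), and Python 3.8 or later.

```python
import re

# Constructed sample: client-side debug1 lines from a protocol 2 run,
# modelled on the -CURRENT transcript in the post (not copied verbatim).
SAMPLE_V2 = """\
debug1: Local version string SSH-2.0-OpenSSH_2.9 green@FreeBSD.org 20010503
debug1: identity file /home/david/.ssh/identity type 0
debug1: identity file /home/david/.ssh/id_rsa type -1
debug1: identity file /home/david/.ssh/id_dsa type -1
debug1: try privkey: /home/david/.ssh/id_rsa
debug1: try privkey: /home/david/.ssh/id_dsa
debug1: ssh-userauth2 successful: method password
"""

PAT = {
    "version":  re.compile(r"Local version string SSH-(\d\.\d)"),
    "identity": re.compile(r"identity file (\S+) type (-?\d+)"),
    "tried":    re.compile(r"try privkey: (\S+)"),
    "agent":    re.compile(r"Trying RSA authentication via agent"),
    "ok_v2":    re.compile(r"ssh-userauth2 successful: method (\w+)"),
    "ok_v1":    re.compile(r"RSA authentication accepted by server"),
}

def triage(debug_text):
    """Summarise what the client announced, tried and finally used."""
    r = {"protocol": None, "identities": {}, "tried": [], "method": None,
         "findings": []}
    for line in debug_text.splitlines():
        if m := PAT["version"].search(line):
            r["protocol"] = m.group(1)
        elif m := PAT["identity"].search(line):
            r["identities"][m.group(1)] = int(m.group(2))  # -1: file absent
        elif m := PAT["tried"].search(line):
            r["tried"].append(m.group(1))
        elif PAT["agent"].search(line):
            r["tried"].append("agent")
        elif m := PAT["ok_v2"].search(line):
            r["method"] = m.group(1)
        elif PAT["ok_v1"].search(line):
            r["method"] = "rsa"  # protocol 1 RSA challenge-response
    # Type 0 is KEY_RSA1, the protocol 1 key in ~/.ssh/identity; a protocol 2
    # client never offers it, so a password login here means it was bypassed.
    v1_keys = [p for p, t in r["identities"].items() if t == 0]
    missing = [p for p in r["tried"] if r["identities"].get(p) == -1]
    if r["protocol"] == "2.0" and v1_keys and r["method"] == "password":
        r["findings"].append("protocol 2 negotiated; tried only %s; protocol 1 "
                             "key ignored: %s" % (", ".join(missing) or "none",
                                                  ", ".join(v1_keys)))
    return r
```

Feeding it the -STABLE transcript instead yields protocol "1.5", the agent as the tried identity, method "rsa" and no findings, which is the contrast the post's diff shows.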