From owner-freebsd-current Thu Apr 20 17: 5:14 2000 Delivered-To: freebsd-current@freebsd.org Received: from bubba.whistle.com (bubba.whistle.com [207.76.205.7]) by hub.freebsd.org (Postfix) with ESMTP id 30FAD37B782; Thu, 20 Apr 2000 17:05:11 -0700 (PDT) (envelope-from archie@whistle.com) Received: (from archie@localhost) by bubba.whistle.com (8.9.3/8.9.2) id RAA99568; Thu, 20 Apr 2000 17:05:11 -0700 (PDT) From: Archie Cobbs Message-Id: <200004210005.RAA99568@bubba.whistle.com> Subject: Re: ssh to freefall broken In-Reply-To: from Kris Kennaway at "Apr 20, 2000 04:24:37 pm" To: kris@FreeBSD.org (Kris Kennaway) Date: Thu, 20 Apr 2000 17:05:11 -0700 (PDT) Cc: freebsd-current@FreeBSD.org X-Mailer: ELM [version 2.4ME+ PL54 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway writes: > > $ ssh archie@freefall.freebsd.org > > Warning: Server lies about size of server host key: actual size is 1023 bits vs. announced 1024. > > Warning: This may be due to an old implementation of ssh. > > Warning: identity keysize mismatch: actual 1023, announced 1024 > > Agent admitted failure to authenticate using the key. > > Authentication agent failed to decrypt challenge. > > Enter passphrase for RSA key 'archie@bubba.whistle.com': > > How long had it been since you updated? OpenSSH changed some defaults a > while back, including defaulting to not do agent forwarding, I > think. Check the config files and add it back if necessary. Hmm.. I set "ForwardAgent yes" in /etc/ssh/ssh_config but that didn't help.. from this verbose output it looks like the line saying "Agent admitted failure to authenticate using the key" is the root of the problem.. Warning: identity keysize mismatch: actual 1023, announced 1024 debug: Trying RSA authentication via agent with 'archie@bubba.whistle.com' debug: Received RSA challenge from server. Agent admitted failure to authenticate using the key. Authentication agent failed to decrypt challenge. debug: Sending response to RSA challenge. debug: Remote: Wrong response to RSA authentication challenge. debug: RSA authentication using agent refused. Maybe there's a problem with ssh-agent? FYI- here's what I'm doing 1. On machine A (3.4-REL): "ssh-agent tcsh" 2. On machine A (3.4-REL): "ssh-add" then enter passcode 3. On machine A (3.4-REL): "ssh " 4. On machine B (5.0-current): enter password on machine B 5. On machine B (5.0-current): "ssh archie@freefall.freebsd.org" If I leave out steps #3 and #4 then it works fine as before. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message