From owner-freebsd-bugs Sun Jun 2 2:41:38 2002 Delivered-To: freebsd-bugs@hub.freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id CE94137B410 for ; Sun, 2 Jun 2002 02:40:13 -0700 (PDT) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g529eDT56933; Sun, 2 Jun 2002 02:40:13 -0700 (PDT) (envelope-from gnats) Date: Sun, 2 Jun 2002 02:40:13 -0700 (PDT) Message-Id: <200206020940.g529eDT56933@freefall.freebsd.org> To: freebsd-bugs@FreeBSD.org Cc: From: "Crist J. Clark" Subject: Re: bin/38643: ssh doesn't fail over from protocol 1 to protocol 2 Reply-To: "Crist J. Clark" Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org The following reply was made to PR bin/38643; it has been noted by GNATS. From: "Crist J. Clark" To: Andrew.P.Lentvorski@www.freebsd.org, "Jr." Cc: freebsd-gnats-submit@FreeBSD.ORG Subject: Re: bin/38643: ssh doesn't fail over from protocol 1 to protocol 2 Date: Sat, 1 Jun 2002 18:20:33 -0700 On Mon, May 27, 2002 at 07:33:37PM -0700, Andrew.P.Lentvorski@www.freebsd.org wrote: [snip] > >Description: > When using dsa public keys to log into a remote system, ssh is supposed > to try using protocol 1 and then use protocol 2 if that fails. In the > ssh_config file the relevant line is "Protocol 1,2" This is not how it works. During the initial negotations, server and client decide which protocol to use. Once they do, it is fixed, you cannot switch. If they decide to use version 2, and authentication fails, you are done. You do NOT start over with protocol 1. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message