Not sure what's going on.. have you tried regenerating your personal rsa and/or dsa keys (with ssh-keygen)? It looks like your keys are being rejected for whatever reason.. if you can fix this, it would at least pare down the number of errors. If you telnet to port 22 on the remote box, does it give "1.5" or "1.99" for the protocol version? If it gives "1.99", that probably means the daemon is capable of ssh2. Make sure you have a host DSA key (/etc/ssh/host_key or whatever) and a user DSA key (~/.ssh/identity or whatever).
Maybe the fact that it works on one of your machines is a fluke, and there is a bug in the openssh code that prevents it from working if the DSA keys are missing. -chris On Sun, 25 Mar 2001, Luigi Fabio wrote: > On 23 Mar 2001, at 20:52, Krzys Majewski wrote: > > What happens if you ssh -v -v -v to both the good machine and the bad > > machine? The output below suggests that the bad machine is choking on > > both your rsa key and your dsa key. The good machine only chokes on > > the dsa key, so maybe it's using whatever rsa key you give it (and > > perhaps this is a different rsa key than you supplied to the bad > > machine). The verbose output from the ssh client would confirm > > this. For example, I think the ssh2 protocol uses only dsa keys. > > -chris > The interesting thing is that the keys were generated by make host- > key, so I don't know why it's rejecting one. The even MORE > interesting thing is that by enabling PAM everything works - although > I still get DSA key rejects from the server. However, here is the > output of ssh -v -v -v from both machines: > > --- from athena to hermes --- > [EMAIL PROTECTED]:~$ ssh -v -v -v hermes > OpenSSH_2.5.2p2, SSH protocols 1.5/2.0, OpenSSL 0x0090600f > debug1: Seeding random number generator > debug1: Rhosts Authentication disabled, originating port will not be > trusted. > debug1: ssh_connect: getuid 1000 geteuid 0 anon 1 > debug1: Connecting to hermes [10.0.0.66] port 22. > debug1: Connection established. > debug1: unknown identity file /home/lfabio/.ssh/identity > debug1: identity file /home/lfabio/.ssh/identity type -1 > debug1: unknown identity file /home/lfabio/.ssh/id_rsa > debug1: identity file /home/lfabio/.ssh/id_rsa type -1 > debug1: unknown identity file /home/lfabio/.ssh/id_dsa > debug1: identity file /home/lfabio/.ssh/id_dsa type -1 > debug1: Remote protocol version 1.99, remote software version > OpenSSH_2.5.2p2 > debug1: match: OpenSSH_2.5.2p2 pat ^OpenSSH > debug1: Local version string SSH-1.5-OpenSSH_2.5.2p2 > debug1: Waiting for server public key. > debug1: Received server public key (768 bits) and host key (1024 > bits). > The authenticity of host 'hermes (10.0.0.66)' can't be established. > RSA1 key fingerprint is > b0:79:4b:4b:6a:2c:3d:99:a3:d4:f9:f9:93:18:6d:c0. > Are you sure you want to continue connecting (yes/no)? yes > Warning: Permanently added 'hermes,10.0.0.66' (RSA1) to the list of > known hosts. > debug1: Encryption type: 3des > debug1: Sent encrypted session key. > debug1: Installing crc compensation attack detector. > debug1: Received encrypted confirmation. > debug1: Doing password authentication. > [EMAIL PROTECTED]'s password: > debug1: Requesting pty. > debug1: Requesting shell. > debug1: Entering interactive session. > --- end --- > > --- from hermes to athena ---- > [EMAIL PROTECTED]:~$ ssh -v -v -v athena > OpenSSH_2.5.2p2, SSH protocols 1.5/2.0, OpenSSL 0x0090600f > debug1: Seeding random number generator > debug1: Rhosts Authentication disabled, originating port will not be > trusted. > debug1: ssh_connect: getuid 1000 geteuid 0 anon 1 > debug1: Connecting to athena [10.0.0.65] port 22. > debug1: Connection established. > debug1: unknown identity file /home/lfabio/.ssh/identity > debug1: identity file /home/lfabio/.ssh/identity type -1 > debug1: unknown identity file /home/lfabio/.ssh/id_rsa > debug1: identity file /home/lfabio/.ssh/id_rsa type -1 > debug1: unknown identity file /home/lfabio/.ssh/id_dsa > debug1: identity file /home/lfabio/.ssh/id_dsa type -1 > debug1: Remote protocol version 1.99, remote software version > OpenSSH_2.5.2p2 > debug1: match: OpenSSH_2.5.2p2 pat ^OpenSSH > debug1: Local version string SSH-1.5-OpenSSH_2.5.2p2 > debug1: Waiting for server public key. > debug1: Received server public key (768 bits) and host key (1024 > bits). > The authenticity of host 'athena (10.0.0.65)' can't be established. > RSA1 key fingerprint is > 65:f6:cb:10:02:c0:41:32:22:61:b0:d3:ef:37:e0:c4. > Are you sure you want to continue connecting (yes/no)? yes > Warning: Permanently added 'athena,10.0.0.65' (RSA1) to the list of > known hosts. > debug1: Encryption type: 3des > debug1: Sent encrypted session key. > debug1: Installing crc compensation attack detector. > debug1: Received encrypted confirmation. > debug1: Doing password authentication. > [EMAIL PROTECTED]'s password: > debug1: Requesting pty. > debug1: Requesting shell. > debug1: Entering interactive session. > --- end --- > > The interesting part is that if i ssh -2 forcing the V2 protocol, > which I prefer, I get a lot more debug stuff - but still no errors. > > Nonetheless, I'd really like to know why ssh wasn't running without > PAM, especially since it's the only programme which gives me trouble. > Everything else, from sendmail to apache to proftp to pop3d... works > fine on the first try on both machines (and several others, I might > add). > > > Regards, > Luigi Fabio - [EMAIL PROTECTED] >
