trouble auto connecting ssh 3.6.1 (Solaris 8) to ssh 3.0.1 (Solaris 6)


 
Thread Tools Search this Thread
Operating Systems Solaris trouble auto connecting ssh 3.6.1 (Solaris 8) to ssh 3.0.1 (Solaris 6)
# 1  
Old 02-25-2005
Network trouble auto connecting ssh 3.6.1 (Solaris 8) to ssh 3.0.1 (Solaris 6)

I am currently setting up rdiff-backup to use ssh to connect and remotely backup and retrieve data. I am doing so by creating rsa keys for each server and copying the relevant key to the /.ssh folder on the relevant server.

All seems to work well when severs running solaris 8 with ssh 3.6.1 are talking to each other, but I have one server running solaris 6 with ssh 3.0.1 and it will not except the key being sent to it from the connecting server.

The connecting server is running solaris 8 with ssh 3.6.1.

On the Solaris 6 server in the / directory instead of a .ssh folder there is a .ssh2 folder. I have tried placing the public rsa key for the connecting server in the file "authorized_keys" and then "authorized_keys2" with no success.

Any suggestions??

Regards Tim

ssh -C -v 250
OpenSSH_3.6.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
debug1: Reading configuration data //.ssh/config
debug1: Applying options for 250
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to 195.248.193.250 [195.248.193.250] port 22.
debug1: Connection established.
debug1: identity file /.ssh/id_rsa_250 type 1
debug1: Remote protocol version 2.0, remote software version 3.0.1 SSH Secure Shell
debug1: match: 3.0.1 SSH Secure Shell pat 3.0.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 zlib
debug1: kex: client->server aes128-cbc hmac-md5 zlib
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug1: Host '195.248.193.250' is known and matches the DSA host key.
debug1: Found key in /.ssh/known_hosts:5
debug1: ssh_dss_verify: signature correct
debug1: Enabling compression at level 6.
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: publickey
debug1: Offering public key: /.ssh/id_rsa_250
debug1: Authentications that can continue: publickey,password
debug1: Next authentication method: password
root@195.248.193.250's password:
# 2  
Old 02-25-2005
When you try and connect from machine A to machine B, do you get any kind of errors, or does it just fall back to the password prompt after it fails on the key?

Have you also tried specifying the key that you want to use when testing with the ssh client using the -i switch poited at your identity file?

What does the sshd_config file look like on the system you are trying to connect to? Perhaps it's not set to use auth keys?

UPDATE: Woops. Sorry, I didn't see the end there. So you are getting the password prompt. From the rest of the debug it does look like you are getting in with the key but then get prompted for auth again. I know this is really basic, but have you checked perms on your SSH server's .ssh/authorized_keys file to make certain they are mode 600? One final thing... have you tried openinging both your identity file on the client and the authorized_keys file in a text editor to verify that the key string is one line without returns at the end? That usually seems to be the most common cause of getting the password prompt with auth keys set up in my experience.

Last edited by deckard; 02-25-2005 at 12:03 PM..
# 3  
Old 02-25-2005
Thanks for replying to my plea for help.

On server a the .ssh folder is named ".ssh" where on server be the folder is named ".ssh2".

Could this be something to do with my problems?
# 4  
Old 02-25-2005
Worth a shot to create a .ssh directory on system B and then copy your authorization key to that dir from .ssh2 (note I stated copy, not move).

It going to be hard to find someone with the same versions that you are attempting to use - plus the fact that there have been security issues with the older version you are running. It may be easier in the long run to upgrade to the one you are running currently on the other servers.
# 5  
Old 02-25-2005
Well I would prefer to upgrade the version on server B. Only problem is I managed to kill a server earler on in this week when I tried up grading ssh.
I installed ssh and found it would not work due to my "prng not being seeded".
I have had problems before when trying to install ssh after "yassp" has all ready been installed. so I rolled backup the yassp and restarted which had the same effect of sitting out on a limb of a tree with saw cutting the wrong side. Luckely the murdered email server was only running a Communigate Pro post office, which is the easiest program ever to install and recover.

This server B is our DNS server and I'm not over confidant I could rebuild it if I needed to.
# 6  
Old 02-26-2005
Well... I re-iterate what RTM said. Try copying your .ssh2 dir to .ssh and see if that fixes the problem. Also, check your 'sshd_config' file and see where the "AuthorizedKeysFile" option is set to look for your server side authorized_keys file. The line should normally look like this:

AuthorizedKeysFile .ssh/authorized_keys

Or... if you want to use the .ssh2 dir, then it should look like this:

AuthorizedKeysFile .ssh2/authorized_keys

I'm not sure where your sshd_config file would be located on your server, so you might need to use 'find' to locate it.
# 7  
Old 03-01-2005
Thanks for all the help guys. I have come across a document on the web saying that if I want to connect via keys from openssh to ssh I need to convert the openssh key to ssh. I will have a play with this and see how it goes.

Once again I appriciate all the advice I have recieved.

regards,

Tim
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Solaris 9 - SSH 40 Second Delay

I'm having an issue with SSH on a server that hasn't had any configuration changes made on it in a long time. I SSH to the server and it hangs at "debug1: SSH2_MSG_KEXINIT sent" for exactly 40 seconds then connects fine after that pause. Everything I have found points to DNS, but I use host files... (19 Replies)
Discussion started by: kingdbag
19 Replies

2. IP Networking

Cant SSH Solaris servers

Hi all. Im working in a telco Environment and recently setup a new server. The other servers are a combination of Solaris + Linux machines. Using my new server , I can ping all other servers ( solaris + redhat linux ) but the issue lies where I try to ssh. I can only successfully ssh linux... (3 Replies)
Discussion started by: Junaid Subhani
3 Replies

3. Solaris

Solaris ssh client hangs when connecting to another Solaris machine

Got a strange problem. I have 4 Solaris servers all configured the same, Solaris 10 x86 update 10. When I try to ssh from one Solaris 10 server to another server ssh hangs. I have an identical server and when I try this everything works fine. The weird thing is if I am root on the server... (1 Reply)
Discussion started by: ccj4467
1 Replies

4. Solaris

Solaris 10 - ssh out ok, but ssh in not

Hi, It's a Solaris 10 zone. I can ssh to other systems without problems, but can not ssh to it (output attached). I don't think there is a firewall here. /etc/ipf/ipf.conf contains nothing. What could be the problem cause? Please help. Thank you in advance! sshclient$ ssh -v thiserver... (1 Reply)
Discussion started by: aixlover
1 Replies

5. Solaris

Unable to login using ssh,telnet onto my solaris machine with solaris 10 installed

Hi, I am unable to login into my terminal hosting Solaris 10 and get the below error message "Server refused to allocate pty ld.so.1: sh: fatal: libc.so.1: open failed: No such file or directory " Is there anyways i can get into my machine and what kind of changes are required to be... (7 Replies)
Discussion started by: sankasu
7 Replies

6. Solaris

How to use SSH in Solaris 10?

Hi, I m new to Sun Solaris. I've only changed the PermitRootLogin from no to yes, so that I can login as root from Window vista by using Putty.exe. Then I can create new users and change password. Except the above configuration, i have do nothing to my SSH server. Am I need to generate... (5 Replies)
Discussion started by: stacychiam
5 Replies

7. Solaris

SSH configuration in solaris 10

hye guys..i'm new here..just want to ask how to configure SSH service in solaris 10?? hope you all will help me..tq (2 Replies)
Discussion started by: FaiRiZuL
2 Replies

8. Solaris

ssh for solaris 8

Hi all, i need to run ssh for solaris 8 my server version is SunOS myserver 5.8 Generic_117350-25 sun4u sparc SUNW,Sun-Fire-880 wher i can get this? pls help Thanx n Regards/Ajay (3 Replies)
Discussion started by: ajays
3 Replies

9. Solaris

Solaris 8 ssh -X woes

howdy, I have a couple of headless Solaris 8 servers i can access via ssh for basic periodic patching. I would like to use the X server to access some of the apps that reside there also, but when i start X it errors out, complaining it can't find /dev/fb. Is there a way to bypass the... (3 Replies)
Discussion started by: [MA]Flying_Meat
3 Replies

10. UNIX for Advanced & Expert Users

SSH Solaris 9 and SSH_CLIENT

Hi all... When i send a command via ssh, from a hp10.20 to a sol9 server, i get the following: # ssh mouton uname -a mouton root's password: Of course, after giving the passwd, it works. I'd like to be able to send commands without giving this password. When i set the sshd in debug mode... (1 Reply)
Discussion started by: penguin-friend
1 Replies
Login or Register to Ask a Question