dsa authentication using ssh

Mark Hughes mark at dvdnews.co.uk
Fri Oct 26 04:31:08 BST 2001


I'm using freebsd 4.3-release, and trying to connect using DSA
authentication through SSH from my freebsd box to a remote box which is a
cobolt raq (spit!).

I've created all the keys, copied the public keys, and all that....running
ssh to the host in question gives:

SSH Version OpenSSH_2.3.0 green at FreeBSD.org 20010321, protocol versions
1.5/2.0.
Compiled with SSL (0x0090600f).
debug: Reading configuration data /home/mark/.ssh/config
debug: Applying options for *digitalspy.co.uk
debug: Reading configuration data /etc/ssh/ssh_config
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to digitalspy.co.uk [216.12.209.2] port 22.
debug: Allocated local port 1019.
debug: Connection established.
debug: Remote protocol version 2.0, remote software version OpenSSH_2.9p2
debug: no match: OpenSSH_2.9p2
Enabling compatibility mode for protocol 2.0
debug: Local version string SSH-2.0-OpenSSH_2.3.0 green at FreeBSD.org
20010321
debug: send KEXINIT
debug: done
debug: wait KEXINIT
debug: got kexinit:
diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
debug: got kexinit: ssh-dss
debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour
debug: got kexinit: 3des-cbc,blowfish-cbc,cast128-cbc,arcfour
debug: got kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,h
mac-md5-96
debug: got kexinit:
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,h
mac-md5-96
debug: got kexinit: none,zlib
debug: got kexinit: none,zlib
debug: got kexinit:
debug: got kexinit:
debug: first kex follow: 0
debug: reserved: 0
debug: done
debug: kex: server->client 3des-cbc hmac-sha1 none
debug: kex: client->server 3des-cbc hmac-sha1 none
debug: Sending SSH2_MSG_KEX_DH_GEX_REQUEST.
debug: Wait SSH2_MSG_KEX_DH_GEX_GROUP.
debug: Got SSH2_MSG_KEX_DH_GEX_GROUP.
debug: bits set: 1007/2049
debug: Sending SSH2_MSG_KEX_DH_GEX_INIT.
debug: Wait SSH2_MSG_KEX_DH_GEX_REPLY.
debug: Got SSH2_MSG_KEXDH_REPLY.
debug: Host 'digitalspy.co.uk' is known and matches the DSA host key.
debug: bits set: 1014/2049
debug: len 55 datafellows 0
debug: dsa_verify: signature correct
debug: Wait SSH2_MSG_NEWKEYS.
debug: GOT SSH2_MSG_NEWKEYS.
debug: send SSH2_MSG_NEWKEYS.
debug: done: send SSH2_MSG_NEWKEYS.
debug: done: KEX2.
debug: send SSH2_MSG_SERVICE_REQUEST
debug: service_accept: ssh-userauth
debug: got SSH2_MSG_SERVICE_ACCEPT
debug: authentications that can continue:
publickey,password,keyboard-interactive
debug: next auth method to try is publickey
debug: try pubkey: /home/mark/.ssh/id_dsa
debug: read DSA private key done
debug: sig size 20 20
debug: authentications that can continue:
publickey,password,keyboard-interactive
debug: next auth method to try is publickey
debug: no more auth methods to try
Unable to find an authentication method
debug: Calling cleanup 0x8058220(0x0)

Now it looks to me as though something is going wrong after the key has
been read - it doesn't even seem to be testing it before going on to the
next attempted thing....is this a bug, or am I doing something wrong?

Thanks in advance,
Mark






More information about the Ukfreebsd mailing list