Bug 144856

Summary: Cannot connect with Kerberized PuTTY to GSSAPI enable openssh server
Product: [Fedora] Fedora Reporter: Orion Poplawski <orion>
Component: opensshAssignee: Nalin Dahyabhai <nalin>
Status: CLOSED NOTABUG QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 3   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-01-14 18:53:00 EST Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description Orion Poplawski 2005-01-11 18:42:35 EST
Description of problem:

Some of our users use the Kerberized PuTTY at
http://kirby.hpcmp.hpc.mil/clients/kfw_20040914a_setup.exe.  This
connects fine to FC1 systems, but fails when connecting to the GSSAPI
enabled openssh daemon on FC3.

Even with GSSAPI disabled in PuTTY, the sever will close the
connection.  Debugging on the server reports:

Jan 11 16:20:27 coop00 sshd[16707]: debug1: rexec start in 4 out 4
newsock 4 pipe 6 sock7
Jan 11 16:20:27 coop00 sshd[16692]: debug1: Forked child 16707.
Jan 11 16:20:27 coop00 sshd[16707]: debug1: inetd sockets after
dupping: 3, 3
Jan 11 16:20:27 coop00 sshd[16707]: Connection from 192.168.0.86 port 1047
Jan 11 16:20:27 coop00 sshd[16707]: debug1: Client protocol version
2.0; client softwareversion PuTTY-Release-0.55
Jan 11 16:20:27 coop00 sshd[16707]: debug1: no match: PuTTY-Release-0.55
Jan 11 16:20:27 coop00 sshd[16707]: debug1: Enabling compatibility
mode for protocol 2.0
Jan 11 16:20:27 coop00 sshd[16707]: debug1: Local version string
SSH-1.99-OpenSSH_3.9p1
Jan 11 16:20:27 coop00 sshd[16707]: debug2: fd 3 setting O_NONBLOCK
Jan 11 16:20:27 coop00 sshd[16707]: debug2: Network child is on pid 16710
Jan 11 16:20:27 coop00 sshd[16707]: debug3: preauth child monitor started
Jan 11 16:20:27 coop00 sshd[16707]: debug3: mm_request_receive entering
Jan 11 16:20:27 coop00 sshd[16707]: debug1: do_cleanup
Jan 11 16:20:27 coop00 sshd[16707]: debug1: PAM: cleanup
Jan 11 16:20:27 coop00 sshd[16707]: debug3: PAM: sshpam_thread_cleanup
entering

putty's log reports:

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2005.01.11 16:15:12
=~=~=~=~=~=~=~=~=~=~=~=
Event Log: Writing new session log (SSH packets mode) to file: putty.log
Event Log: Looking up host "coop00.cora.nwra.com"
Event Log: Connecting to 192.168.0.120 port 22
Event Log: Server version: SSH-1.99-OpenSSH_3.9p1
Event Log: We claim version: SSH-2.0-PuTTY-Release-0.55
Event Log: Using SSH protocol version 2
Incoming packet type 20 / 0x14 (SSH2_MSG_KEXINIT)
  00000000  0d 39 23 08 58 2f af 98 93 28 f4 93 f2 b0 a6 df 
.9#.X/...(......
  00000010  00 00 00 59 64 69 66 66 69 65 2d 68 65 6c 6c 6d 
...Ydiffie-hellm
  00000020  61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 
an-group-exchang
  00000030  65 2d 73 68 61 31 2c 64 69 66 66 69 65 2d 68 65 
e-sha1,diffie-he
  00000040  6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 34 2d 73 68 
llman-group14-sh
  00000050  61 31 2c 64 69 66 66 69 65 2d 68 65 6c 6c 6d 61 
a1,diffie-hellma
  00000060  6e 2d 67 72 6f 75 70 31 2d 73 68 61 31 00 00 00 
n-group1-sha1...
  00000070  0f 73 73 68 2d 72 73 61 2c 73 73 68 2d 64 73 73 
.ssh-rsa,ssh-dss
  00000080  00 00 00 87 61 65 73 31 32 38 2d 63 62 63 2c 33 
....aes128-cbc,3
  00000090  64 65 73 2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 
des-cbc,blowfish
  000000a0  2d 63 62 63 2c 63 61 73 74 31 32 38 2d 63 62 63 
-cbc,cast128-cbc
  000000b0  2c 61 72 63 66 6f 75 72 2c 61 65 73 31 39 32 2d 
,arcfour,aes192-
  000000c0  63 62 63 2c 61 65 73 32 35 36 2d 63 62 63 2c 72 
cbc,aes256-cbc,r
  000000d0  69 6a 6e 64 61 65 6c 2d 63 62 63 40 6c 79 73 61 
ijndael-cbc@lysa
  000000e0  74 6f 72 2e 6c 69 75 2e 73 65 2c 61 65 73 31 32 
tor.liu.se,aes12
  000000f0  38 2d 63 74 72 2c 61 65 73 31 39 32 2d 63 74 72 
8-ctr,aes192-ctr
  00000100  2c 61 65 73 32 35 36 2d 63 74 72 00 00 00 87 61 
,aes256-ctr....a
  00000110  65 73 31 32 38 2d 63 62 63 2c 33 64 65 73 2d 63 
es128-cbc,3des-c
  00000120  62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 63 2c 
bc,blowfish-cbc,
  00000130  63 61 73 74 31 32 38 2d 63 62 63 2c 61 72 63 66 
cast128-cbc,arcf
  00000140  6f 75 72 2c 61 65 73 31 39 32 2d 63 62 63 2c 61 
our,aes192-cbc,a
  00000150  65 73 32 35 36 2d 63 62 63 2c 72 69 6a 6e 64 61 
es256-cbc,rijnda
  00000160  65 6c 2d 63 62 63 40 6c 79 73 61 74 6f 72 2e 6c 
el-cbc@lysator.l
  00000170  69 75 2e 73 65 2c 61 65 73 31 32 38 2d 63 74 72 
iu.se,aes128-ctr
  00000180  2c 61 65 73 31 39 32 2d 63 74 72 2c 61 65 73 32 
,aes192-ctr,aes2
  00000190  35 36 2d 63 74 72 00 00 00 55 68 6d 61 63 2d 6d 
56-ctr...Uhmac-m
  000001a0  64 35 2c 68 6d 61 63 2d 73 68 61 31 2c 68 6d 61 
d5,hmac-sha1,hma
  000001b0  63 2d 72 69 70 65 6d 64 31 36 30 2c 68 6d 61 63 
c-ripemd160,hmac
  000001c0  2d 72 69 70 65 6d 64 31 36 30 40 6f 70 65 6e 73 
-ripemd160@opens
  000001d0  73 68 2e 63 6f 6d 2c 68 6d 61 63 2d 73 68 61 31 
sh.com,hmac-sha1
  000001e0  2d 39 36 2c 68 6d 61 63 2d 6d 64 35 2d 39 36 00 
-96,hmac-md5-96.
  000001f0  00 00 55 68 6d 61 63 2d 6d 64 35 2c 68 6d 61 63 
..Uhmac-md5,hmac
  00000200  2d 73 68 61 31 2c 68 6d 61 63 2d 72 69 70 65 6d 
-sha1,hmac-ripem
  00000210  64 31 36 30 2c 68 6d 61 63 2d 72 69 70 65 6d 64 
d160,hmac-ripemd
  00000220  31 36 30 40 6f 70 65 6e 73 73 68 2e 63 6f 6d 2c 
160@openssh.com,
  00000230  68 6d 61 63 2d 73 68 61 31 2d 39 36 2c 68 6d 61 
hmac-sha1-96,hma
  00000240  63 2d 6d 64 35 2d 39 36 00 00 00 09 6e 6f 6e 65 
c-md5-96....none
  00000250  2c 7a 6c 69 62 00 00 00 09 6e 6f 6e 65 2c 7a 6c 
,zlib....none,zl
  00000260  69 62 00 00 00 00 00 00 00 00 00 00 00 00 00    
ib.............
Outgoing packet type 20 / 0x14 (SSH2_MSG_KEXINIT)
  00000000  d9 35 c3 59 0d 85 d0 fd f2 6e f9 0a 47 8d 4e 3e 
.5.Y.....n..G.N>
  00000010  00 00 00 3d 64 69 66 66 69 65 2d 68 65 6c 6c 6d 
...=diffie-hellm
  00000020  61 6e 2d 67 72 6f 75 70 2d 65 78 63 68 61 6e 67 
an-group-exchang
  00000030  65 2d 73 68 61 31 2c 64 69 66 66 69 65 2d 68 65 
e-sha1,diffie-he
  00000040  6c 6c 6d 61 6e 2d 67 72 6f 75 70 31 2d 73 68 61 
llman-group1-sha
  00000050  31 00 00 00 0f 73 73 68 2d 72 73 61 2c 73 73 68 
1....ssh-rsa,ssh
  00000060  2d 64 73 73 00 00 00 82 61 65 73 32 35 36 2d 63 
-dss....aes256-c
  00000070  62 63 2c 72 69 6a 6e 64 61 65 6c 32 35 36 2d 63 
bc,rijndael256-c
  00000080  62 63 2c 72 69 6a 6e 64 61 65 6c 2d 63 62 63 40 
bc,rijndael-cbc@
  00000090  6c 79 73 61 74 6f 72 2e 6c 69 75 2e 73 65 2c 61 
lysator.liu.se,a
  000000a0  65 73 31 39 32 2d 63 62 63 2c 72 69 6a 6e 64 61 
es192-cbc,rijnda
  000000b0  65 6c 31 39 32 2d 63 62 63 2c 61 65 73 31 32 38 
el192-cbc,aes128
  000000c0  2d 63 62 63 2c 72 69 6a 6e 64 61 65 6c 31 32 38 
-cbc,rijndael128
  000000d0  2d 63 62 63 2c 62 6c 6f 77 66 69 73 68 2d 63 62 
-cbc,blowfish-cb
  000000e0  63 2c 33 64 65 73 2d 63 62 63 00 00 00 82 61 65 
c,3des-cbc....ae
  000000f0  73 32 35 36 2d 63 62 63 2c 72 69 6a 6e 64 61 65 
s256-cbc,rijndae
  00000100  6c 32 35 36 2d 63 62 63 2c 72 69 6a 6e 64 61 65 
l256-cbc,rijndae
  00000110  6c 2d 63 62 63 40 6c 79 73 61 74 6f 72 2e 6c 69 
l-cbc@lysator.li
  00000120  75 2e 73 65 2c 61 65 73 31 39 32 2d 63 62 63 2c 
u.se,aes192-cbc,
  00000130  72 69 6a 6e 64 61 65 6c 31 39 32 2d 63 62 63 2c 
rijndael192-cbc,
  00000140  61 65 73 31 32 38 2d 63 62 63 2c 72 69 6a 6e 64 
aes128-cbc,rijnd
  00000150  61 65 6c 31 32 38 2d 63 62 63 2c 62 6c 6f 77 66 
ael128-cbc,blowf
  00000160  69 73 68 2d 63 62 63 2c 33 64 65 73 2d 63 62 63 
ish-cbc,3des-cbc
  00000170  00 00 00 17 68 6d 61 63 2d 73 68 61 31 2c 68 6d 
....hmac-sha1,hm
  00000180  61 63 2d 6d 64 35 2c 6e 6f 6e 65 00 00 00 17 68 
ac-md5,none....h
  00000190  6d 61 63 2d 73 68 61 31 2c 68 6d 61 63 2d 6d 64 
mac-sha1,hmac-md
  000001a0  35 2c 6e 6f 6e 65 00 00 00 0e 6e 6f 6e 65 2c 7a 
5,none....none,z
  000001b0  6c 69 62 2c 6e 6f 6e 65 00 00 00 0e 6e 6f 6e 65 
lib,none....none
  000001c0  2c 7a 6c 69 62 2c 6e 6f 6e 65 00 00 00 00 00 00 
,zlib,none......
  000001d0  00 00 00 00 00 00 00                             .......
Event Log: Doing Diffie-Hellman group exchange
Outgoing packet type 34 / 0x22 (SSH2_MSG_KEX_DH_GEX_REQUEST)
  00000000  00 00 08 00                                      ....

Version-Release number of selected component (if applicable):

openssh-3.9p1-7

How reproducible:

Every time.

Steps to Reproduce:
1.  Install above PuTTY
2.  Connect to FC3 system
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Orion Poplawski 2005-01-14 18:53:00 EST
This is a bug with the PuTTY software and has been resolved in a test version.