Bug 104489 - Can not ssh to rawhide station
Can not ssh to rawhide station
Status: CLOSED RAWHIDE
Product: Red Hat Raw Hide
Classification: Retired
Component: openssh (Show other bugs)
1.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
Brian Brock
:
Depends On:
Blocks: CambridgeBlocker
  Show dependency treegraph
 
Reported: 2003-09-16 07:38 EDT by Nicolas Mailhot
Modified: 2007-04-18 12:57 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2003-09-26 08:02:38 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Nicolas Mailhot 2003-09-16 07:38:58 EDT
The latest rawhide upgrade broke ssh-ing to my station (from the station works)

Setup is a bit particular :
- auth is done via key, not password
- user public info is provided by a ldap server
- passwords are in a kerberos server.

This worked fine in RH8 and RH9, and syster RH8 stations still work, but somehow
ssh-ing to the rawhide one does not work

ssh-ing with password to root which is a local (not ldap+krb) user is still ok
though

Versions :
 
openssh-clients-3.6.1p2-4
openssh-server-3.6.1p2-4
openssh-3.6.1p2-4
openssh-askpass-gnome-3.6.1p2-4
openssh-askpass-3.6.1p2-4
krb5-devel-1.3.1-4
pam_krb5-2.0.2-1
krbafs-1.2.2-1
krbafs-devel-1.2.2-1
krb5-libs-1.3.1-4
docbook-style-dsssl-1.78-2
mod_ssl-2.0.47-6
openssl-0.9.7a-17
openssl-devel-0.9.7a-17
openldap-devel-2.1.22-5
nss_ldap-207-3
openldap-2.1.22-5

Failure logs :

[nim@ulysse nim]$ ssh -v ulysse
OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /home/nim/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to ulysse [192.168.1.40] port 22.
debug1: Connection established.
debug1: identity file /home/nim/.ssh/identity type 0
debug1: identity file /home/nim/.ssh/id_rsa type -1
debug1: identity file /home/nim/.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.6.1p2
debug1: match: OpenSSH_3.6.1p2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'ulysse' is known and matches the RSA host key.
debug1: Found key in /home/nim/.ssh/known_hosts:26
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/nim/.ssh/id_rsa
debug1: Offering public key: /home/nim/.ssh/id_dsa
debug1: Server accepts key: pkalg ssh-dss blen 434 lastkey 0x830cb68 hint 2
debug1: read PEM private key done: type DSA
debug1: Authentication succeeded (publickey).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: channel_free: channel 0: client-session, nchannels 1
Read from remote host ulysse: Connection reset by peer
Connection to ulysse closed.
debug1: Transferred: stdin 0, stdout 0, stderr 86 bytes in 0.2 seconds
debug1: Bytes per second: stdin 0.0, stdout 0.0, stderr 523.5
debug1: Exit status -1

In /var/log/messages :

Sep 16 13:38:22 ulysse sshd(pam_unix)[15655]: check pass; user unknown
Sep 16 13:38:22 ulysse sshd(pam_unix)[15655]: authentication failure; logname=
uid=0 euid=0 tty=NODEVssh ruser= rhost=ulysse.olympe.o2t
Sep 16 13:38:23 ulysse sshd[15655]: pam_krb5[15655]: disallowing NULL authtok
for 'nim'
Sep 16 13:38:23 ulysse sshd[15655]: pam_krb5[15655]: authentication fails for
'nim': Authentication failure (Generic error (see e-text))
Comment 1 Nicolas Mailhot 2003-09-26 08:02:38 EDT
Well, people are once again using my box to burn stuff remotely so I guess it's
fixed (the sneaky bastards didn't even notify me - I had to find a blank CD in
the burner to notice it;)

openssh-3.4p1-7
openssl-0.9.6b-33
krb5-libs-1.2.5-15
pam-0.77-3
pam_krb5-2.0.3-1

Note You need to log in before you can comment on or make changes to this bug.