20037 – openssh doesn't work with .shosts

Bug 20037 - openssh doesn't work with .shosts

Summary: openssh doesn't work with .shosts

Keywords:
Status:	CLOSED NOTABUG
Alias:	None
Product:	Red Hat Linux
Classification:	Retired
Component:	openssh
Sub Component:
Version:	7.0
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2000-10-30 13:50 UTC by Luca Bonomi
Modified:	2008-05-01 15:37 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2000-10-30 13:50:23 UTC
Embargoed:

Attachments	(Terms of Use)

Description Luca Bonomi 2000-10-30 13:50:21 UTC

Hi,
  
Since I've switched to RedHat 7.0 and to openssh, I cannot connect with ssh
without typing the password.
The machine I'm connecting from is included in the /etc/hosts.equiv and its
key is in the /etc/ssh/ssh_known_hosts. 
Shouldn't this be enough for having a ssh connection without password?
Note that not even the ~/.shosts file improves the situation.
  
 I include the output from "ssh -v":
  
 ssh -v xxxx
 SSH Version OpenSSH_2.2.0p1, protocol versions 1.5/2.0.
 Compiled with SSL (0x0090581f).
 debug: Reading configuration data /etc/ssh/ssh_config
 debug: Applying options for *
 debug: Seeding random number generator
 debug: ssh_connect: getuid 2146 geteuid 0 anon 0
 debug: Connecting to xxxx.fysik.dtu.dk [130.225.86.12] port 22.
 debug: Allocated local port 1021.
 debug: Connection established.
 debug: Remote protocol version 1.99, remote software version
 OpenSSH_2.2.0p1
 Enabling compatibility mode for protocol 2.0
 debug: Local version string SSH-2.0-OpenSSH_2.2.0p1
 debug: Seeding random number generator
 debug: send KEXINIT
 debug: done
 debug: wait KEXINIT
 debug: got kexinit: diffie-hellman-group1-sha1
 debug: got kexinit: ssh-dss
 debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
 debug: got kexinit: 3des-cbc,blowfish-cbc,arcfour,cast128-cbc
 debug: got kexinit: hmac-sha1,hmac-md5,hmac-ripemd160 debug:
got kexinit:
 hmac-sha1,hmac-md5,hmac-ripemd160 debug: got kexinit:
zlib,none
 debug: got kexinit: zlib,none
 debug: got kexinit:
 debug: got kexinit:
 debug: first kex follow: 0
 debug: reserved: 0
 debug: done
 debug: kex: server->client 3des-cbc hmac-sha1 none
 debug: kex: client->server 3des-cbc hmac-sha1 none
 debug: Sending SSH2_MSG_KEXDH_INIT.
 debug: bits set: 552/1024
 debug: Wait SSH2_MSG_KEXDH_REPLY.
 debug: Got SSH2_MSG_KEXDH_REPLY.
 debug: Host 'xxxx.fysik.dtu.dk' is known and matches the DSA host key.
debug: bits set: 476/1024
 debug: len 55 datafellows 0
 debug: dsa_verify: signature correct
 debug: Wait SSH2_MSG_NEWKEYS.
 debug: GOT SSH2_MSG_NEWKEYS.
 debug: send SSH2_MSG_NEWKEYS.
 debug: done: send SSH2_MSG_NEWKEYS.
 debug: done: KEX2.
 debug: send SSH2_MSG_SERVICE_REQUEST
 debug: service_accept: ssh-userauth
 debug: got SSH2_MSG_SERVICE_ACCEPT
 debug: authentications that can continue: publickey,password
 debug: key does not exist: /home/camp/luca/.ssh/id_dsa
 luca.dtu.dk's password:
  
 Thanks,
  
 Luca

Comment 1 Pekka Savola 2000-10-30 19:03:30 UTC

RhostsAuthentication does not work (or is intended to work) with SSHv2.

You can force Protocol 1, or (recommended) use RSAAuthentication with (empty) passphrase.

Note You need to log in before you can comment on or make changes to this bug.