Bug 29540 - sftp: auth via rsa key is broken
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: openssh
Version: 7.1
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Nalin Dahyabhai
Reported: 2001-02-26 13:02 UTC by Gerald Teschl
Modified: 2008-05-01 15:37 UTC (History)

Doc Type: Bug Fix
Last Closed: 2001-03-23 14:18:13 UTC



Description Gerald Teschl 2001-02-26 13:02:15 UTC
I just tested out sftp and noted that I cannot log in automatically with my
public rsa key (ssh, scp work fine). Then I found out that it uses protocol 2.
However, I have "Protocol 1,2" in both ~/.ssh/config and /etc/ssh_config. I also
tried -o "Protocol 1" but it seems to ignore it.

Comment 1 Nalin Dahyabhai 2001-02-26 20:29:48 UTC
This is an interaction between how the sftp and ssh clients parse their
command-line arguments, specifically the 'protocol', 'forwardagent', and
'forwardx11' options.  You can see this if you add "-v -v" to the list of
options when starting sftp.

The 2.5.1p1-5 package (coming soon to Raw Hide) will add a patch to fix this. 
As a workaround, you can specify "-1" in the list of options to force protocol
1.

Comment 2 Gerald Teschl 2001-02-27 15:18:41 UTC
Now it doesn't work at all:

[gerald@soliton gerald]$ rpm -q openssh
openssh-2.5.1p1-5
[gerald@soliton gerald]$ sftp localhost
Connecting to localhost...
xfree: NULL pointer given as argument
Couldn't read packet: Connection reset by peer


Comment 3 Pekka Savola 2001-02-28 20:22:27 UTC
With openssh,

 xfree: NULL pointer given as argument 

almost always signifies openssl version mismatch (usually 0.9.6 vs 0.9.5a) between compiled && installed versions.  

Is your openssl good?  You could try --rebuild openssh to make sure this is not the case.


Comment 4 Gerald Teschl 2001-03-01 15:06:10 UTC
I am using the current packages from rawhide: 
[gerald@soliton gerald]# rpm -q openssl openssh
openssl-0.9.5a-27
openssh-2.5.1p1-5

I use Protocol 1,2 in my config file

---------------------------------
[gerald@soliton gerald]$ ssh localhost
Last login: Thu Mar  1 17:02:12 2001 from localhost.localdomain
[gerald@soliton gerald]$
---------------------------------
[gerald@soliton gerald]$ sftp -1 localhost
Connecting to localhost...
sftp>
---------------------------------
[gerald@soliton gerald]$ sftp localhost
Connecting to localhost...
Connection closed by 127.0.0.1
Couldn't read packet: Connection reset by peer
[gerald@soliton gerald]$

Comment 5 Gerald Teschl 2001-03-01 15:09:45 UTC
I recompiled the packages on a 7.0 box: Config still is Protocol 1,2 but sftp
still uses dsa unless -1 is given on the command line:
---------------------------------------------------
[gerald@keen gerald]$ rpm -q openssh openssl
openssh-2.5.1p1-5
openssl-0.9.5a-14
[gerald@keen gerald]$ ssh localhost
Last login: Thu Mar  1 15:59:36 2001 from soliton.mat.univie.ac.at
Thu Mar  1 16:06:45 CET 2001
[gerald@keen gerald]$ exit
logout
Connection to localhost closed.
[gerald@keen gerald]$ sftp localhost
Connecting to localhost...
Enter passphrase for key '/users/gerald/.ssh/id_dsa':
gerald@localhost's password:
sftp> quit
[gerald@keen gerald]$ sftp -1 localhost
Connecting to localhost...
sftp> quit
[gerald@keen gerald]$

Comment 6 Gerald Teschl 2001-03-23 14:18:02 UTC
Works in openssh-2.5.2p1-1

