Bug 29540 - sftp: auth via rsa key is broken
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: openssh
Version: 7.1
Hardware: i386 Linux
Priority: medium, Severity: medium
Assigned To: Nalin Dahyabhai
Reported: 2001-02-26 08:02 EST by Gerald Teschl
Modified: 2008-05-01 11:37 EDT
Last Closed: 2001-03-23 09:18:13 EST
Description Gerald Teschl 2001-02-26 08:02:15 EST
I just tested out sftp and noted that I cannot log in automatically with my
public RSA key (ssh, scp work fine). Then I found out that it uses protocol 2.
However, I have "Protocol 1,2" in both ~/.ssh/config and /etc/ssh_config.
I also tried -o "Protocol 1" but it seems to ignore it.
Comment 1 Nalin Dahyabhai 2001-02-26 15:29:48 EST
This is an interaction between how the sftp and ssh clients parse their
command-line arguments, specifically the 'protocol', 'forwardagent', and
'forwardx11' options.  You can see this if you add "-v -v" to the list of
options when starting sftp.

The 2.5.1p1-5 package (coming soon to Raw Hide) will add a patch to fix this. 
As a workaround, you can specify "-1" in the list of options to force protocol
1.
Comment 2 Gerald Teschl 2001-02-27 10:18:41 EST
Now it doesn't work at all:

[gerald@soliton gerald]$ rpm -q openssh
openssh-2.5.1p1-5
[gerald@soliton gerald]$ sftp localhost
Connecting to localhost...
xfree: NULL pointer given as argument
Couldn't read packet: Connection reset by peer
Comment 3 Pekka Savola 2001-02-28 15:22:27 EST
With openssh,

 xfree: NULL pointer given as argument

almost always signifies an openssl version mismatch (usually 0.9.6 vs 0.9.5a) between compiled && installed versions.

Is your openssl good?  You could try --rebuild openssh to make sure this is not the case.
Comment 4 Gerald Teschl 2001-03-01 10:06:10 EST
I am using the current packages from rawhide: 
[gerald@soliton gerald]# rpm -q openssl openssh
openssl-0.9.5a-27
openssh-2.5.1p1-5

I use Protocol 1,2 in my config file

---------------------------------
[gerald@soliton gerald]$ ssh localhost
Last login: Thu Mar  1 17:02:12 2001 from localhost.localdomain
[gerald@soliton gerald]$
---------------------------------
[gerald@soliton gerald]$ sftp -1 localhost
Connecting to localhost...
sftp>
---------------------------------
[gerald@soliton gerald]$ sftp localhost
Connecting to localhost...
Connection closed by 127.0.0.1
Couldn't read packet: Connection reset by peer
[gerald@soliton gerald]$
Comment 5 Gerald Teschl 2001-03-01 10:09:45 EST
I recompiled the packages on a 7.0 box: Config still is Protocol 1,2 but sftp
still uses dsa unless -1 is given on the command line:
---------------------------------------------------
[gerald@keen gerald]$ rpm -q openssh openssl
openssh-2.5.1p1-5
openssl-0.9.5a-14
[gerald@keen gerald]$ ssh localhost
Last login: Thu Mar  1 15:59:36 2001 from soliton.mat.univie.ac.at
Thu Mar  1 16:06:45 CET 2001
[gerald@keen gerald]$ exit
logout
Connection to localhost closed.
[gerald@keen gerald]$ sftp localhost
Connecting to localhost...
Enter passphrase for key '/users/gerald/.ssh/id_dsa':
gerald@localhost's password:
sftp> quit
[gerald@keen gerald]$ sftp -1 localhost
Connecting to localhost...
sftp> quit
[gerald@keen gerald]$
Comment 6 Gerald Teschl 2001-03-23 09:18:02 EST
Works in openssh-2.5.2p1-1
