Red Hat Bugzilla – Bug 54757
Openssh 2.9p2 is not compatible
Last modified: 2008-05-01 11:38:01 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.10-ac4 i686)
Description of problem:
In order to talk to a bunch of machines, I need to use ssh version 1. The
2.9p2 version of openssh that I just downloaded via RHN is not compatible
with ssh1 to the extent that the old version was. Previously, I did not
need to modify /etc/ssh/ssh_config to specify the Protocol option, it would
automatically connect via ssh1 if I had ssh1 keys available (and no ssh2
keys). Now, it seems that I have to hardwire the Protocol to 1,2 to get it
to work. Here is my ssh_config file:
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Use /etc/ssh/ssh_config file mentioned above
2. Only have .ssh/identify and no ssh2 id files
3. Do ssh-agent bash; ssh-add
4. Try to connect to ssh1 machines.
5. Watch it fail.
Actual Results: I get messages like:
The authenticity of host 'cse (220.127.116.11)' can't be established.
DSA key fingerprint is 65:23:04:63:7e:04:5b:e1:ba:84:b4:bf:46:1e:e2:d0.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'cse' (DSA) to the list of known hosts.
Permission denied (publickey,password).
Expected Results: I expected to connect via ssh1.
The protocol version is selected before authentication is performed, so when the
server offers protocol 2, the client attempts to use it. It's only then that
the presence of a key comes into play, and when one isn't found which can be
used with the protocol in use, a password prompt is issued. This is the
Try adding something similar to this to override for just the particular host: