OpenSSH_3.4p1 and OpenSSH_2.5.2p2

From: Baharlouie, Masoud (
Date: 02/24/03

  • Next message: Shay B. Cohen: "PKI for secure authentication"
    From: "Baharlouie, Masoud" <>
    To: "''" <>
    Date: Mon, 24 Feb 2003 16:10:20 -0500

    We're using OpenSSH_2.5.2p2 on HP_UX 11.x (client side) and trying to
    connect to a server running OpenSSH_3.4p1 on Red Hat Linux 8.0.
    I have generated the DSA keys on the client side and transferred the public
    key to the server but all my attempts to connect using public key
    authentication have failed. I have successfully used my client to connect to
    other servers using same keys but those servers are running commercial
    versions of SSH (FSecure ver. 5.0) on Windows platform.

    I experience 2 distinctive problems. First, although the configuration on
    the server side says that the SSH2 should be used, the connection uses SSH1
    and I have to force it to use SSH2 (using -2 option). Second, when it uses
    SSH2, the public key authentication fails and it resorts to password
    authentication, which is not desirable.

    From my client side (OpenSSH_2.5.2p2) I can connect to other servers and
    even my own server (kind of recursive SSH) successfully using public key
    authentication but I had no success so far with this one. I played with
    different configurations like using Authorized_keys and authorized_keys2,
    id_dsa and id_rsa files, directory permissions and tweaking SSH daemon
    configuration on the server but nothing has worked so far.

    Is there an incompatibility problem between these 2 versions or have I
    missed something in my configuration that has caused this problem?

    Your help and consideration is very much appreciated.

    Masoud Baharlouie
    Certen Inc.
    NM1 Systems Integration

    Relevant Pages

    • [Full-disclosure] [GOATSE SECURITY] Clench: Goatses way to say "screw you" to certificate author
      ... Application layer authentication-inherent validation of public key ... Goatse Security’s new simple password-based authentication mechanism ... getting hundreds of thousands or millions of users to install a client ... client hashes locally and then sends the hash to the server. ...
    • Re: OpenVPN server mode usage?
      ... But an openvpn configuration shouldn't be depending upon dynamic dns. ... Have your dynamic IP client contact your server. ...
    • Re: Explanation of SSH
      ... I am still unclear on how SSH works exactly. ... Client issues SSH command and names server ... "Shopper" says "server sends back its public host and server keys ... Surely there is only one public key it sends ...
    • [NT] Dark Age of Camelot Man-In-The-Middle
      ... use of RSA public key cryptography and an RC4 based symmetric algorithm. ... Seeing the imminent release of code for cracking the game client (which ... At the beginning of each TCP session, the server sends a 1536 bit RSA ... void bytes_out(unsigned char *data, int len) ...
    • Re: Debian SSH server configuration
      ... I would like to configure a Debian server to only allow clients to ssh ... I don't want any client computers to be able to ssh into ... It sounds like what you are asking for is host based authentication, ... where the server check to make sure that it has the host public key ...