Re: 3.7.1p2 client ignores rsa2 public key authentication on HPUX 10.20

From: uxadm (pk) (uxadm_at_bbl.ms.philips.com)
Date: 02/26/04

    Date: Thu, 26 Feb 2004 13:42:36 +0100
    To: Darren Tucker <dtucker@zip.com.au>
    
    

    Darren Tucker wrote:

    >> Thanks for your answer but unfortunately it did not solve the problem.
    >> I still can only get publickey authentication using an rsa1 key pair
    >> whereas rsa2 or dsa key pairs are simply ignored.
    >> It seems 3.7 is not recognizing rsa2 features properly. I have heard
    >> from some HP guys that they turned back to 3.6
    >>
    >> > debug1: identity file /home/peterk/.ssh/id_rsa type -1
    >> ^^^^^^^
    >> Where can I find information what the type meanings are?
    >
    >
    > Read the source :-)
    >
    > In this case, type = -1 means that the file was not recognised as a
    > public key. What were the debug lines preceding that one? They'll be
    > from key_load_public and friends.

    In fact I did look into the source but I could not find a detailed
    description of the type meanings.
    When I use the same key pair from Linux I do also get a type -1 output
    but the key authenticates without problems, so the meaning must be
    somewhat different. See below for a more detailed debug output.

    >
    > Another wild guess: does OpenSSL's self tests (ie "make test") pass?

    make test passes without errors.

    Peter

    debug1: Connection established.
    debug1: identity file /home/peterk/.ssh/identity type 0
    debug2: key_type_from_name: unknown key type '-----BEGIN'
    debug2: key_type_from_name: unknown key type '-----END'
    debug1: identity file /home/peterk/.ssh/id_rsa type -1
    debug2: key_type_from_name: unknown key type '-----BEGIN'
    debug2: key_type_from_name: unknown key type '-----END'
    debug1: identity file /home/peterk/.ssh/id_dsa type -1
    debug1: Remote protocol version 1.99, remote software version OpenSSH_3.7.1p2
    debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.7.1p2
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
     . . .
    debug2: bits set: 1603/3191
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'xxxxxxx' is known and matches the RSA host key.
    debug1: Found key in /home/peterk/.ssh/known_hosts:5
    debug2: bits set: 1557/3191
    debug1: ssh_rsa_verify: signature correct
    debug2: kex_derive_keys
    debug2: set_newkeys: mode 1
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug2: set_newkeys: mode 0
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug2: service_accept: ssh-userauth
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    HP-UX xxxxxxx B.10.20 A
    debug1: Authentications that can continue: publickey,password,keyboard-interactive
    debug1: Next authentication method: publickey
    debug2: we did not send a packet, disable method
    debug1: Next authentication method: keyboard-interactive
    debug2: userauth_kbdint
    debug2: we sent a keyboard-interactive packet, wait for reply
    debug1: Authentications that can continue: publickey,password,keyboard-interactive
    debug2: we did not send a packet, disable method
    debug1: Next authentication method: password

    And here's what it says on Linux:
    debug1: Connection established.
    debug1: identity file /home/peterk/.ssh/identity type -1
    debug1: identity file /home/peterk/.ssh/id_rsa type -1
    debug1: identity file /home/peterk/.ssh/id_dsa type -1
    debug1: Remote protocol version 1.99, remote software version OpenSSH_3.7.1p2
    debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
    debug1: SSH2_MSG_KEXINIT sent
    . . . .
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    debug1: Host 'xxxxxx' is known and matches the RSA host key.
    debug1: Found key in /home/peterk/.ssh/known_hosts:3
    debug1: ssh_rsa_verify: signature correct
    debug1: SSH2_MSG_NEWKEYS sent
    debug1: expecting SSH2_MSG_NEWKEYS
    debug1: SSH2_MSG_NEWKEYS received
    debug1: SSH2_MSG_SERVICE_REQUEST sent
    debug1: SSH2_MSG_SERVICE_ACCEPT received
    HP-UX xxxxxx B.10.20
    debug1: Authentications that can continue: publickey,password,keyboard-interactive
    debug1: Next authentication method: publickey
    debug1: Trying private key: /home/peterk/.ssh/identity
    debug1: Trying private key: /home/peterk/.ssh/id_rsa
    debug1: read PEM private key done: type RSA
    debug1: Authentication succeeded (publickey).
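
A way to compare the two traces mechanically, as an added example that is not part of the original message or of OpenSSH: it summarises `ssh -v` client output and flags a run in which `publickey` was selected but no key was ever tried. The function names are hypothetical, and the matched strings are only the ones that appear in the traces above; other OpenSSH versions word these messages differently.

```python
import re
# Excerpts of the two client traces quoted in the message above.
HPUX_TRACE = """\
debug1: identity file /home/peterk/.ssh/identity type 0
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug1: identity file /home/peterk/.ssh/id_rsa type -1
debug1: Next authentication method: publickey
debug2: we did not send a packet, disable method
debug1: Next authentication method: keyboard-interactive
debug2: we sent a keyboard-interactive packet, wait for reply
debug2: we did not send a packet, disable method
debug1: Next authentication method: password
"""
LINUX_TRACE = """\
debug1: identity file /home/peterk/.ssh/id_rsa type -1
debug1: Next authentication method: publickey
debug1: Trying private key: /home/peterk/.ssh/identity
debug1: Trying private key: /home/peterk/.ssh/id_rsa
debug1: read PEM private key done: type RSA
debug1: Authentication succeeded (publickey).
"""
IDENT = re.compile(r"identity file (\S+) type (-?\d+)")
METHOD = re.compile(r"Next authentication method: (\S+)")
TRYKEY = re.compile(r"Trying private key: (\S+)")
SUCCESS = re.compile(r"Authentication succeeded \(([^)]+)\)")

def summarize(trace):
    """Collect identity-file types, per-method status and keys tried."""
    out = {"identities": {}, "methods": {}, "keys_tried": [], "succeeded": None}
    current = None  # method named by the latest "Next authentication method"
    for line in trace.splitlines():
        if m := IDENT.search(line):
            out["identities"][m.group(1)] = int(m.group(2))
        elif m := METHOD.search(line):
            current = m.group(1)
            out["methods"].setdefault(current, "not attempted")
        elif (m := TRYKEY.search(line)) and current:
            out["keys_tried"].append(m.group(1))
            out["methods"][current] = "attempted"
        elif "we sent a" in line and current:
            out["methods"][current] = "attempted"
        elif m := SUCCESS.search(line):
            out["succeeded"] = m.group(1)
    return out

def pubkey_skipped(trace):
    """True when publickey was selected but the client never tried a key."""
    return summarize(trace)["methods"].get("publickey") == "not attempted"
```

Both traces report `type -1` for `id_rsa`, so the difference the summary surfaces is the missing `Trying private key` step in the HP-UX run.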

