Re: 3.7.1p2 client ignores rsa2 public key authentication on HPUX 10.20

From: Darren Tucker (dtucker_at_zip.com.au)
Date: 02/27/04

    Date: Fri, 27 Feb 2004 12:00:13 +1100
    To: "uxadm (pk)" <uxadm@bbl.ms.philips.com>
    
    

    uxadm (pk) wrote:
    > Darren Tucker wrote:
    >
    >>> Thanks for your answer but unfortunately it did not solve the problem.
    >>> I still can only get publickey authentication using an rsa1 key pair
    >>> whereas rsa2 or dsa key pairs are simply ignored.
    >>> It seems 3.7 is not recognizing rsa2 features properly. I have heard
    >>> from some HP guys that they turned back to 3.6
    >>>
    >>> > debug1: identity file /home/peterk/.ssh/id_rsa type -1
    >>> ^^^^^^^
    >>> Where can I find information what the type meanings are?
    >>
    >> Read the source :-)
    >>
    >> In this case, type = -1 means that the file was not recognised as a
    >> public key. What were the debug lines preceding that one? They'll be
    >> from key_load_public and friends.
    >
    > In fact I did look into the source but I could not find a detailed
    > description of the type meanings.

    They're defined in key.h:

    enum types {
             KEY_RSA1,
             KEY_RSA,
             KEY_DSA,
             KEY_UNSPEC
    };

    debug1: identity file /home/peterk/.ssh/id_rsa type -1
    [...]
    debug1: identity file /home/peterk/.ssh/id_dsa type -1

    Are those valid public keys? Try reading them with the openssl command, eg:
    $ openssl rsa -in $HOME/.ssh/id_rsa -noout
    $ openssl dsa -in $HOME/.ssh/id_dsa -noout

    Note: if you omit the -noout, *DO NOT* post the output.

    > When I use the same key pair from Linux I do also get a type -1 output
    > but the key authenticates without problems, so the meaning must be
    > somewhat different. See below for a more detailed debug output
    [...]

    > And here's what it says on Linux
    > debug1: Connection established.
    > debug1: identity file /home/peterk/.ssh/identity type -1
    > debug1: identity file /home/peterk/.ssh/id_rsa type -1
    > debug1: identity file /home/peterk/.ssh/id_dsa type -1

    And the authentication succeeds? That's odd. Here's what I get on
    Linux (RH9, OpenSSH 3.8p1):
    debug1: identity file /home/dtucker/.ssh/identity type 0
    debug1: identity file /home/dtucker/.ssh/id_rsa type 1
    debug1: identity file /home/dtucker/.ssh/id_dsa type 2

    -- 
    Darren Tucker (dtucker at zip.com.au)
    GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
         Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.
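
The type numbers discussed in the message above can be decoded mechanically from pasted `ssh -v` output. The following is an added example, not part of the original post or of OpenSSH: the names `KeyType`, `parse_identity_lines` and `unrecognised` are hypothetical, the numeric values assume the default C numbering of the `enum types` quoted from key.h, and the sample lines are the debug lines quoted in the thread.

```python
import re
from enum import IntEnum


class KeyType(IntEnum):
    # Numbers follow from C enum ordering of 'enum types' in key.h as quoted above.
    KEY_RSA1 = 0
    KEY_RSA = 1
    KEY_DSA = 2
    KEY_UNSPEC = 3


# search() rather than match() so mail-quoted lines ("> debug1: ...") still parse.
IDENTITY_RE = re.compile(r"debug1: identity file (?P<path>.+) type (?P<num>-?\d+)\s*$")


def parse_identity_lines(text):
    """Return (path, number, label) for every 'identity file' line in ssh -v output."""
    found = []
    for line in text.splitlines():
        m = IDENTITY_RE.search(line)
        if m is None:
            continue
        num = int(m.group("num"))
        if num == -1:
            # Per the reply: -1 means the file was not recognised as a public key.
            label = "not recognised as a public key"
        else:
            try:
                label = KeyType(num).name
            except ValueError:
                label = "unknown type number"
        found.append((m.group("path"), num, label))
    return found


def unrecognised(text):
    """Paths the client reported as type -1."""
    return [path for path, num, _ in parse_identity_lines(text) if num == -1]


# Sample input: debug lines copied from the thread (poster's output, then the reply's).
REPORTED = """\
debug1: identity file /home/peterk/.ssh/id_rsa type -1
debug1: identity file /home/peterk/.ssh/id_dsa type -1
"""
REPLY = """\
debug1: identity file /home/dtucker/.ssh/identity type 0
debug1: identity file /home/dtucker/.ssh/id_rsa type 1
debug1: identity file /home/dtucker/.ssh/id_dsa type 2
"""

if __name__ == "__main__":
    for path, num, label in parse_identity_lines(REPORTED + REPLY):
        print(f"{path}: type {num} ({label})")
```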
    
