Login Problem using SSh in Solaris

From: Singhal, Ankit (Ankit) (asinghal_at_lucent.com)
Date: 08/16/04

  • Next message: Sven Maier: "Problem tunneling X11 on AIX"
    To: "'secureshell@securityfocus.com'" <secureshell@securityfocus.com>
    Date: Mon, 16 Aug 2004 18:17:57 +0530
    
    

    Hi

    I have two servers A and B.
    From A i want to Login to B as "root" through ssh.

    In A i generate keys using ssh-keygen -t dsa.

    I put the public keys of A in the authorized-key file of B.

    Now when i do ssh B -l root

    it gives me following error

    Connection closed by 0.0.0.0

    But if i remove the authorized files and do the login with password
    authentications, it allows me to login. Can any one give a solution for it.

    The Debug Dump is as follows:

    ================================
    SSH Version Sun_SSH_1.0, protocol versions 1.5/2.0.
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: ssh_connect: getuid 0 geteuid 0 anon 0
    debug1: Connecting to 135.254.219.28 [135.254.219.28] port 22.
    debug1: Allocated local port 1023.
    debug1: Connection established.
    debug1: identity file //.ssh/identity type 3
    debug1: identity file //.ssh/id_rsa type 3
    debug1: Bad RSA1 key file //.ssh/id_dsa.
    debug1: identity file //.ssh/id_dsa type 3
    debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.0
    debug1: match: Sun_SSH_1.0 pat ^Sun_SSH_1\.0
    Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-Sun_SSH_1.0
    debug1: sent kexinit: diffie-hellman-group1-sha1
    debug1: sent kexinit: ssh-rsa,ssh-dss
    debug1: sent kexinit: aes128-cbc,blowfish-cbc,3des-cbc,rijndael128-cbc
    debug1: sent kexinit: aes128-cbc,blowfish-cbc,3des-cbc,rijndael128-cbc
    debug1: sent kexinit: hmac-sha1,hmac-md5
    debug1: sent kexinit: hmac-sha1,hmac-md5
    debug1: sent kexinit: none
    debug1: sent kexinit: none
    debug1: sent kexinit:
    debug1: sent kexinit:
    debug1: send KEXINIT
    debug1: done
    debug1: wait KEXINIT
    debug1: got kexinit: diffie-hellman-group1-sha1
    debug1: got kexinit: ssh-rsa,ssh-dss
    debug1: got kexinit: aes128-cbc,blowfish-cbc,3des-cbc
    debug1: got kexinit: aes128-cbc,blowfish-cbc,3des-cbc
    debug1: got kexinit: hmac-sha1,hmac-md5
    debug1: got kexinit: hmac-sha1,hmac-md5
    debug1: got kexinit: none,zlib
    debug1: got kexinit: none,zlib
    debug1: got kexinit:
    ,zh_HK.BIG5HK,zh_HK.UTF-8,zh_HK.BIG5HK@radical,zh_HK.BIG5HK@
    stroke,zh_HK.UTF-8@radical,zh_HK.UTF-8@stroke,zh_TW,zh_TW.BI
    G5,zh_TW.EUC,zh_TW.UTF-8,zh_TW.BIG5@pinyin,zh_TW.BIG5@radica
    l,zh_TW.BIG5@stroke,zh_TW.BIG5@zhuyin,zh_TW.EUC@pinyin,zh_TW
    .EUC@radical,zh_TW.EUC@stroke,zh_TW.EUC@zhuyin,zh_TW.UTF-8@p
    inyin,zh_TW.UTF-8@radical,zh_TW.UTF-8@stroke,zh_TW.UTF-8@zhu
    yin,geo,lcttab,ja,iso_8859_13,iso_8859_15,iso_8859_1,iso_885
    9_2,iso_8859_5,iso_8859_7,iso_8859_9,it,it.UTF-8,en_AU,en_AU
    .ISO8859-1,en_NZ,en_NZ.ISO8859-1,zh,zh.GBK,zh.UTF-8,zh_CN.EU
    C,zh_CN.GBK,zh_CN.UTF-8,es,es_CR,es_CR.ISO8859-1,es_GT,es_GT
    .ISO8859-1,es_NI,es_NI.ISO8859-1,es_PA,es_PA.ISO8859-1,es_SV
    ,es_SV.ISO8859-1,hi_IN.UTF-8,cs_CZ,cs_CZ.ISO8859-2,cz,de,de.
    ISO8859-15,de.UTF-8,de_AT,de_AT.ISO8859-1,de_AT.ISO8859-15,d
    e_AT.ISO8859-15@euro,de_CH,de_CH.ISO8859-1,de_DE,fr,de_DE.IS
    O8859-1,de_DE.ISO8859-15,de_DE.ISO8859-15@euro,de_DE.UTF-8,d
    e_DE.UTF-8@euro,fr_CH,fr_CH.ISO8859-1,hu,hu_HU,hu_HU.ISO8859
    -2,pl,pl.UTF-8,pl_PL,pl_PL.ISO8859-2,pl_PL
    debug1: got kexinit:
    ,zh_HK.BIG5HK,zh_HK.UTF-8,zh_HK.BIG5HK@radical,zh_HK.BIG5HK@
    stroke,zh_HK.UTF-8@radical,zh_HK.UTF-8@stroke,zh_TW,zh_TW.BI
    G5,zh_TW.EUC,zh_TW.UTF-8,zh_TW.BIG5@pinyin,zh_TW.BIG5@radica
    l,zh_TW.BIG5@stroke,zh_TW.BIG5@zhuyin,zh_TW.EUC@pinyin,zh_TW
    .EUC@radical,zh_TW.EUC@stroke,zh_TW.EUC@zhuyin,zh_TW.UTF-8@p
    inyin,zh_TW.UTF-8@radical,zh_TW.UTF-8@stroke,zh_TW.UTF-8@zhu
    yin,geo,lcttab,ja,iso_8859_13,iso_8859_15,iso_8859_1,iso_885
    9_2,iso_8859_5,iso_8859_7,iso_8859_9,it,it.UTF-8,en_AU,en_AU
    .ISO8859-1,en_NZ,en_NZ.ISO8859-1,zh,zh.GBK,zh.UTF-8,zh_CN.EU
    C,zh_CN.GBK,zh_CN.UTF-8,es,es_CR,es_CR.ISO8859-1,es_GT,es_GT
    .ISO8859-1,es_NI,es_NI.ISO8859-1,es_PA,es_PA.ISO8859-1,es_SV
    ,es_SV.ISO8859-1,hi_IN.UTF-8,cs_CZ,cs_CZ.ISO8859-2,cz,de,de.
    ISO8859-15,de.UTF-8,de_AT,de_AT.ISO8859-1,de_AT.ISO8859-15,d
    e_AT.ISO8859-15@euro,de_CH,de_CH.ISO8859-1,de_DE,fr,de_DE.IS
    O8859-1,de_DE.ISO8859-15,de_DE.ISO8859-15@euro,de_DE.UTF-8,d
    e_DE.UTF-8@euro,fr_CH,fr_CH.ISO8859-1,hu,hu_HU,hu_HU.ISO8859
    -2,pl,pl.UTF-8,pl_PL,pl_PL.ISO8859-2,pl_PL
    debug1: first kex follow: 0
    debug1: reserved: 0
    debug1: done
    debug1: kex: server->client unable to decide common locale
    debug1: kex: server->client aes128-cbc hmac-sha1 none
    debug1: kex: client->server unable to decide common locale
    debug1: kex: client->server aes128-cbc hmac-sha1 none
    debug1: Sending SSH2_MSG_KEXDH_INIT.
    debug1: bits set: 524/1024
    debug1: Wait SSH2_MSG_KEXDH_REPLY.
    debug1: Got SSH2_MSG_KEXDH_REPLY.
    debug1: Host '135.254.219.28' is known and matches the RSA host key.
    debug1: Found key in //.ssh/known_hosts:5
    debug1: bits set: 509/1024
    debug1: ssh_rsa_verify: signature correct
    debug1: Wait SSH2_MSG_NEWKEYS.
    debug1: GOT SSH2_MSG_NEWKEYS.
    debug1: send SSH2_MSG_NEWKEYS.
    debug1: done: send SSH2_MSG_NEWKEYS.
    debug1: done: KEX2.
    debug1: send SSH2_MSG_SERVICE_REQUEST
    debug1: service_accept: ssh-userauth
    debug1: got SSH2_MSG_SERVICE_ACCEPT
    debug1: authentications that can continue: publickey,password
    debug1: next auth method to try is publickey
    debug1: key does not exist: //.ssh/identity
    debug1: key does not exist: //.ssh/id_rsa
    debug1: try pubkey: //.ssh/id_dsa
    debug1: read SSH2 private key done: name dsa w/o comment success 1
    debug1: sig size 20 20
    Connection closed by 0.0.0.0
    debug1: Calling cleanup 0x39a0c(0x0)
    ===============================================


  • Next message: Sven Maier: "Problem tunneling X11 on AIX"

    Relevant Pages

    • Unable to login without password using ssh
      ... I am unable to login without password prompt on the target hosts even I added authorized_key on the .ssh directory of the users home directory. ... Target host: $ ssh -V ... debug1: Rhosts Authentication disabled, originating port will not be trusted. ... debug1: sent kexinit: none ...
      (SunManagers)
    • Re: bad packet length
      ... telecommuting. ... It really burns me that ssh just fell apart on me after ... > debug1: Rhosts Authentication disabled, ... > debug1: send KEXINIT ...
      (comp.security.ssh)
    • Re: bad packet length
      ... > telecommuting. ... It really burns me that ssh just fell apart on me after ... >> debug1: Rhosts Authentication disabled, ... >> debug1: send KEXINIT ...
      (comp.security.ssh)
    • Re: New ssh/sshd patches for Solaris 9
      ... tried to ssh to a remote/local machine ... debug1: Allocated local port 1023. ... debug1: sent kexinit: none ... next auth method to try is publickey ...
      (comp.unix.solaris)
    • Cant Get Kerberos & ssh to forward authentication / tickets (ssh without entering password)
      ... userauth-request for user stever service ssh-connection method none ... debug1: Reading configuration data /etc/ssh/ssh_config ... debug1: sent kexinit: diffie-hellman-group1-sha1 ...
      (comp.security.ssh)