Re: Configuring ssh on Red Hat Linux 7.3

From: Jean-David Beyer (jdbeyer@exit109.com)
Date: 05/15/02


From: Jean-David Beyer <jdbeyer@exit109.com>
Date: Tue, 14 May 2002 22:33:38 -0400

Nico Kadel-Garcia wrote:
>
> "Jean-David Beyer" <jdbeyer@exit109.com> wrote in message
> news:3CDFC60A.FC219DA9@exit109.com...
> > I have two machines running dialects of Red Hat Linux. My new machine
> > is named "valinux" and the old one is named "touchl". They are
> > connected by two NICs.
> >
> > The valinux machine runs a version of Red Hat Linux from VA Linux
> > Systems that they call 6.2.4.
> >
> > I just installed R.H.L. 7.3 on the touchl machine (that used to run
> > R.H.L. 6.0) and it basically works, but there are a bunch of problems.
> >
> > Each machine can ping the other, so the lower levels of connectivity
> > are there. I can look up the IP address of each machine from the other
> > using dig (but not nslookup).
> >
> > I can run the following command on touchl:
> >
> > valinux:jdbeyer[~]$ ssh -4 -X touchl
> > jdbeyer@touchl's password: [the password]
> > Last login: Mon May 13 08:28:20 2002 from touchl.localdomain
> > [jdbeyer@touchl jdbeyer]$
> >
> > so it works in one direction. When I try from the touchl machine,
> > though, I get:
> >
> > touchl:jdbeyer[~]$ ssh -4 -X valinux
> > jdbeyer@valinux's password: [the password]
> > Permission denied: please try again.
> >
> > I did type the correct password.
> >
> > /var/log/messages contains this as a result of the attempt:
> >
> > May 13 09:46:53 valinux sshd[22746]:
> > Failed password for jdbeyer from 192.168.1.201 port 1034
> > May 13 09:46:55 valinux sshd[22746]:
> > Connection closed by 192.168.1.201
> >
> > On valinux, file /usr/local/etc/ssh_config contains (other than
> > comments):
> >
> > # Be paranoid by default
> > Host *
> > ForwardAgent no
> > ForwardX11 no
> > FallBackToRsh no
> >
> > On touchl, file /etc/ssh/ssh_config contains (other than comments):
> >
> > Host *
> > ForwardX11 yes
>
> /etc/ssh/sshd_config ...

I did not understand your reply the first time around; I remembered
the very old days when all the stuff now in /sbin and /usr/sbin was
in /etc/. sshd_config is not a program, as you perfectly well knew, but
I did not.

I examined the file on both machines, and they are quite a bit
different, though inspection has not revealed what is the cause of the
problem.

On the valinux machine, openssh is openssh-3.1p1, built from source,
and on the touchl machine, openssh is openssh-3.1p1-3, installed from
the Red Hat 7.3 disk as an .rpm.

Further investigation reveals one more data point, from which I infer
that the problem is not related to the touchl machine: I cannot ssh -4
valinux from the valinux machine. Normally, you would probably not
wish to do that, but you should be able to. However, I can ssh -4
touchl from the touchl machine and I can ssh -4 valinux from the
touchl machine.

The machines seem to generate very different keys. Here are two
slightly scrambled keys from my ~/.ssh/known_hosts file:

valinux 1024 35
119385520731956190239141892195636584454881159248527929502102180370961194814878836447744696233640736817641060032320056276413135308996257774287475296095805649828891774067712210125169452427461038590278316335543306412519062418531203779336555548183515862455216418925226668052889694898614918404978281681930052886949
touchl,192.168.1.201 ssh-rsa
AAAAB3NzaC1yc2EAAAABIwAAAIEA6xruV5l9L66rH4qsR8NrCMT7px3cHSu+MPYsPydVLoZYoQ/Rgb7t4pIqT6jJG0H/TsfykLa6QKEFlVTVrXdD/wsulS23L3jc0Vlgau7ZQ2iGlBhejrCi+VXaYIJiIHyNqNmEoUI99uRs0z4Lut9di42wdpQ1HVINep7HOIJ1kQE=

I am at a loss as to why they should be so different. I assume I have
arranged for incompatible key types. What part of sshd_config or
ssh_config deals with this?

-- 
 .~.  Jean-David Beyer           Registered Linux User 85642.
 /V\                             Registered Machine    73926.
/( )\ Shrewsbury, New Jersey     http://counter.li.org 
^^-^^ 10:15pm up 4 days, 23:18, 3 users, load average: 2.00, 2.01, 2.00
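
Added example, not part of the original post: the two known_hosts entries quoted in the message use two different layouts, the SSH protocol 1 layout (hosts, bits, exponent, modulus, all decimal) and the protocol 2 layout (hosts, key type, base64 blob). The Python code below parses both and shows that the same RSA parameters can sit behind either one; the host names, address and key values are constructed for the example.

```python
import base64
import struct

def _read_string(buf, off):
    """Read one length-prefixed SSH wire string; return (bytes, new offset)."""
    (n,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + n > len(buf):
        raise ValueError("truncated key blob")
    return buf[off:off + n], off + n

def parse_known_hosts_line(line):
    """Classify one plain (unhashed, unmarked) known_hosts entry."""
    f = line.split()
    if len(f) >= 4 and f[1].isdigit() and f[2].isdigit() and f[3].isdigit():
        # Protocol 1 layout: hosts bits exponent modulus (all decimal)
        n = int(f[3])
        return {"hosts": f[0].split(","), "protocol": 1, "type": "rsa1",
                "bits": n.bit_length(), "exponent": int(f[2])}
    if len(f) >= 3:
        # Protocol 2 layout: hosts keytype base64(blob)
        blob = base64.b64decode(f[2], validate=True)
        name, off = _read_string(blob, 0)
        if name.decode("ascii") != f[1]:
            raise ValueError("key type does not match blob")
        entry = {"hosts": f[0].split(","), "protocol": 2, "type": f[1]}
        if f[1] == "ssh-rsa":
            # An ssh-rsa blob carries the exponent first, then the modulus
            e, off = _read_string(blob, off)
            n, off = _read_string(blob, off)
            entry["exponent"] = int.from_bytes(e, "big")
            entry["bits"] = int.from_bytes(n, "big").bit_length()
        return entry
    raise ValueError("unrecognised known_hosts entry")

def _mpint(x):
    """Encode a positive integer as an SSH mpint (leading 0x00 if high bit set)."""
    raw = x.to_bytes(x.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

# Constructed sample entries (not real host keys): same RSA numbers, two layouts.
N = (1 << 1023) | 0x10001
E = 35
BLOB = struct.pack(">I", 7) + b"ssh-rsa" + _mpint(E) + _mpint(N)
SAMPLE_V1 = f"hosta 1024 {E} {N}"
SAMPLE_V2 = "hostb,192.0.2.10 ssh-rsa " + base64.b64encode(BLOB).decode()

if __name__ == "__main__":
    for sample in (SAMPLE_V1, SAMPLE_V2):
        print(parse_known_hosts_line(sample))
```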