Re: Can't login to an OS X box using ssh

From: Ben Nave (
Date: 02/26/03

From: (Ben Nave)
Date: 25 Feb 2003 23:59:28 -0800

using sshd -d which seems to be more helpful than ssh -d5 or any level
verbose mode on the client side. I envoked sshd using "sshd -d" and
then attempted to log into my OS X box from a Sun Machine. I get the
following debug output:

root# sshd -d
debug1: sshd version <CHANGED>
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
debug1: setgroups() failed: Invalid argument
debug1: Bind to port 22 on
Server listening on port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from <AN_IP> port 58758
debug1: Client protocol version 1.99; client software version 3.1.0
SSH Secure Shell (non-commercial)
debug1: no match: 3.1.0 SSH Secure Shell (non-commercial)
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-1.99-<CHANGED>
debug1: list_hostkey_types: ssh-rsa,ssh-dss
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: client->server aes128-cbc hmac-sha1 zlib
debug1: kex: server->client aes128-cbc hmac-sha1 zlib
debug1: dh_gen_key: priv key bits set: 134/320
debug1: bits set: 514/1024
debug1: expecting SSH2_MSG_KEXDH_INIT
debug1: bits set: 496/1024
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: Enabling compression at level 6.
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: compress outgoing: raw data 60, compressed 62, factor 1.03
debug1: compress incoming: raw data 0, compressed 0, factor 0.00
Disconnecting: Protocol error: expected packet type 21, got 30
debug1: Calling cleanup 0x25308(0x0)
debug1: Calling cleanup 0x25308(0x0)

(Explanation of "debug1: sshd version <CHANGED>": one of my linux guru
friends seemed to think that sshd giving out it's version tag was a
security issue since a hacker could look for vulerabilities in that
particular version. This seemed correct to me at the time and so I
allowed him to help me hack the sshd to display a wierd string there.
It worked fine after I made the change and sshd is still working in
some cases, so I don't think this is the problem. But then again, I
could be wrong ;-) )

It seems like the "Disconnecting: Protocol error" is the important
line, but then I am lost at this point. Does this help anyone to
better understand my problem?

thanks for the help (Richard E. Silverman) wrote in message news:<>...
> > [horta:~] nave> ssh -v bnave@<hostname>
> > debug: SshAppCommon/sshappcommon.c:133: Allocating global SshRegex context.
> > [horta:~] nave>
> You didn't mention that you were using the Unix client, as opposed
> to OpenSSH (which is what's on the OS X box). In fact, you didn't give
> the versions of any of the SSH implementations you're using.
> Try upping the verbosity, e.g. "ssh -d5 ..." Also look at the server-side
> sshd syslog messages, and/or try a connection with the server running as
> "sshd -d".