Re: OpenSSH 3.8p1 Privilege Separation and "connection closed" error at KEXINIT

From: Darren Tucker (dtucker_at_dodgy.net.au)
Date: 03/31/04

• Next message: Darren Tucker: "Re: 2 SSH questions: why does it pause so much, and, can I keep connection alive?"
• Previous message: Michael Levin: "2 SSH questions: why does it pause so much, and, can I keep connection alive?"
• In reply to: Val: "OpenSSH 3.8p1 Privilege Separation and "connection closed" error at KEXINIT"
• Next in thread: Val: "Re: OpenSSH 3.8p1 Privilege Separation and "connection closed" error at KEXINIT"
• Reply: Val: "Re: OpenSSH 3.8p1 Privilege Separation and "connection closed" error at KEXINIT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 31 Mar 2004 00:56:56 +0000 (UTC)

In article <sEjac.1364$w84.157385@twister.southeast.rr.com>,
Val <vbaranov@nc.rr.com> wrote:
>I'm experiecing a problem on AIX 4.3.3 ML11 with OpenSSH 3.8p1 compiled with
>all the default flags, the "prefix" ONLY has been defined as
>"/usr/local/openssh":
>If enable "PrivilegeSeparation" to "yes", the session ends with an error.
>With "Privilege Separation no" everything works normal. "sshd" user has all
>the attributes required, home directory is "/var/empty", and shell is
>"/usr/bin/false" (chown root:sys /var/empty; chmod 755 /var/empty); the only
>member of "sshd" group is "sshd" user; both private and public keys are in
>place for participating user IDs, and premissions on "./ssh" directory and
>all the files underneath are correct. Below is the output from both client
>and server side - evidently, the reply didn't received while sending
>SSH2_MSG_KEXINIT (wait approx. 2 seconds at this point until closing
>connection).
>
>Does anybody have an idea what's wrong (permissions? ownership? what else?)
>and how to fix it? Txs.

The debug doesn't shed much light. A wild guess is zlib: what version
do you have? Which compiler are you using?

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

• Next message: Darren Tucker: "Re: 2 SSH questions: why does it pause so much, and, can I keep connection alive?"
• Previous message: Michael Levin: "2 SSH questions: why does it pause so much, and, can I keep connection alive?"
• In reply to: Val: "OpenSSH 3.8p1 Privilege Separation and "connection closed" error at KEXINIT"
• Next in thread: Val: "Re: OpenSSH 3.8p1 Privilege Separation and "connection closed" error at KEXINIT"
• Reply: Val: "Re: OpenSSH 3.8p1 Privilege Separation and "connection closed" error at KEXINIT"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: SSH Advice ... >> advice on where to start. ... I think I need both client and server ends for ... Good judgement comes with experience. ... (comp.security.ssh) Re: 2 SSH questions: why does it pause so much, and, can I keep connection alive? ... >I'm running SSH clients on a Mac OSX to connect to a Unix box. ... Do you have a firewall between client and server? ... Good judgement comes with experience. ... (comp.security.ssh) Re: generating a ssh key without ssh-keygen ... >>I have a server that runs linux and a client running Solaris. ... to generate the host keys if sshd is installed) but you can generate ... Good judgement comes with experience. ... (comp.os.linux.networking) Re: generating a ssh key without ssh-keygen ... >>I have a server that runs linux and a client running Solaris. ... to generate the host keys if sshd is installed) but you can generate ... Good judgement comes with experience. ... (comp.security.ssh) Re: SSH Connecting through Firewall ... >client to use HTTPS or FTP proxy. ... There is no such option in the OpenSSH ... Good judgement comes with experience. ... (comp.security.ssh)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint