bugzilla-daemon at mindrot.org
2006-Mar-02 16:32 UTC
[Bug 1168] sftp fails to HP - UX os even when pubic keys are present in HP-UX
http://bugzilla.mindrot.org/show_bug.cgi?id=1168 Summary: sftp fails to HP - UX os even when pubic keys are present in HP-UX Product: Portable OpenSSH Version: 3.7.1p2 Platform: Other OS/Version: HP-UX Status: NEW Keywords: help-wanted Severity: major Priority: P2 Component: sftp AssignedTo: bitbucket at mindrot.org ReportedBy: manikandan.selvaraju at wipro.com CC: manikandan.selvaraju at wipro.com Hi, I have SSH installed in a HP-UX system. Its version is SOE-openssh-3.7.1p2-pwexp26, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004. Now when i try to use sftp from other systems to HP -UX where ssh is installed it is not working fine as excepted. In brief i will mention the steps i followed. 1) Create a ssh-agent (client)by giving eval `ssh-agent` And get its PID. 2)Then set the environment variables as -- export SSH_AGENT_PID=<ssh-agent_PID>> Then go to ?cd /tmp? and then do a ?ls -lrt? to find some directory which is of name ?ssh-___? and then get into that ssh-____ directory ? you will have some file with the name ?agent.xxxxx? -- export SSH_AUTH_SOCK=<complete path as you find from above pwd command > 3)Then create the ssh keys by giving #ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (//.ssh/id_rsa): //.ssh/id_rsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in //.ssh/id_rsa. Your public key has been saved in //.ssh/id_rsa.pub. The key fingerprint is: 8d:30:30:54:63:76:ff:bb:46:f7:55:2f:fb:7a:f9:2d root at wcary2qw There enter the passphrase of some 8 characters. 4)Then add the keys to ssh-agent by giving #ssh-add Enter passphrase for //.ssh/id_rsa: Identity added: //.ssh/id_rsa (//.ssh/id_rsa) # Enter the passphrase typed before. 4)Copy the public key(id_rsa.pub) and put the public key in the HP -UX corresponding user's home directory under .ssh directory in authorized_keys file. Suppose if we are giving #sftp xxxx at 47.128.213.56 Then go /home/xxxx/.ssh #touch authorized_keys #chmod 777 authorized_keys Paste the public key inside this file. 5)Now when you do sftp xxxx at 47.128.213.56 it will not ask for password it will directly go to sftp prompt #sftp xxxx at 47.128.213.56 sftp> This as excepted.The same scenario is working for all os but for HP -UX it is not working. So could anyone throw some lights on this issue. Debug mode details obtained when tried sftp to HP-UX system #sftp -v -v -v xxxx at 47.128.213.56 OpenSSH_4.2p1, OpenSSL 0.9.7c 30 Sep 2003 debug1: Reading configuration data /usr/etc/ssh_config debug3: Seeding PRNG from /usr/libexec/ssh-rand-helper debug2: ssh_connect: needpriv 0 debug1: Connecting to 47.128.213.56[47.128.213.56] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /home/root/.ssh/identity type 0 debug3: Not a RSA1 key file /home/root/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'Proc-Type:' debug3: key_read: missing keytype debug2: key_type_from_name: unknown key type 'DEK-Info:' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home/root/.ssh/id_rsa type 1 debug3: Not a RSA1 key file /home/root/.ssh/id_dsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home/root/.ssh/id_dsa type 2 debug1: Remote protocol version 1.99, remote software version SOE-openssh-3.7.1p2-pwexp26 debug1: no match: SOE-openssh-3.7.1p2-pwexp26 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_4.2 debug2: fd 4 setting O_NONBLOCK debug3: RNG is ready, skipping seeding debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc at lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160 at openssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib debug2: kex_parse_kexinit: none,zlib at openssh.com,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug2: dh_gen_key: priv key bits set: 120/256 debug2: bits set: 510/1024 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /home/root/.ssh/known_hosts debug3: check_host_in_hostfile: match line 6 debug1: Host '47.129.249.42' is known and matches the RSA host key. debug1: Found key in /home/root/.ssh/known_hosts:6 debug2: bits set: 500/1024 debug1: ssh_rsa_verify: signature correct debug2: kex_derive_keys debug2: set_newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug2: set_newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug2: service_accept: ssh-userauth debug1: SSH2_MSG_SERVICE_ACCEPT received debug2: key: /home/root/.ssh/id_rsa (20077848) debug2: key: /home/root/.ssh/id_dsa (20077868) debug3: input_userauth_banner ############################################################### # # # Access to this network and the information on it are # # lawfully available only for approved purposes by employees # # of Nortel Networks and other users authorized by Nortel # # Networks. If you are not an employee of Nortel Networks # # or an authorized user, do not attempt to log on. Other # # than where prohibited by law and subject to legal # # requirements, Nortel Networks reserves the right to review # # any information in any form on this network at any time. # # # ############################################################### * ** ****** IMPORTANT NOTE ****** Please note that in order to improve performance in this Exceed Pool, additional servers have been added. In order to ensure the pool is properly load balanced, please telnet/Exceed into ZCARXSS1, not the individual server names. Thank you for your cooperation. ** This server reboots every Sunday morning ** between 5:30am and 6:00am **************************** ** * debug1: Authentications that can continue: publickey,password debug3: start over, passed a different list publickey,password debug3: preferred publickey,keyboard-interactive,password debug3: authmethod_lookup publickey debug3: remaining preferred: keyboard-interactive,password debug3: authmethod_is_enabled publickey debug1: Next authentication method: publickey debug1: Offering public key: /home/root/.ssh/id_rsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password debug1: Offering public key: /home/root/.ssh/id_dsa debug3: send_pubkey_test debug2: we sent a publickey packet, wait for reply debug1: Authentications that can continue: publickey,password debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password xxxx at 47.128.213.56's password: ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at mindrot.org
2006-Mar-03 05:18 UTC
[Bug 1168] sftp fails to HP - UX os even when pubic keys are present in HP-UX
http://bugzilla.mindrot.org/show_bug.cgi?id=1168 dtucker at zip.com.au changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |DUPLICATE ------- Comment #1 from dtucker at zip.com.au 2006-03-03 16:18 ------- *** This bug has been marked as a duplicate of bug 1167 *** ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 1170] sftp fails to HP - UX os even when pubic keys are present in HP-UX
- [Bug 1167] sftp fails to HP - UX os even when pubic keys are present in HP-UX
- 3.8p1 password expiry, Solaris 8
- bug(?) with OpenSSH 4.4+ and large DSA ID keys
- Can not login with key-exchange is chrooted sftp environment