Anthony R Iano-Fletcher
2003-Apr-02 21:25 UTC
broken ssh-keysign for openssh 3.6.1p1 on Solaris 8
The latter versions of openssh (3.4,3.5 and 3.6.1) all seem to suffer
from a broken ssh-keysign binary. This causes HostbasedAuthentication to
fail.
We have installed 3.6.1p1 on a Solaris 8 machine using
openssl-0.9.6i. This fails thusly
ssh server
<......some \digits removed - a key perhaps?>
ssh_keysign: no reply
key_sign failed
a at server's password
For version 3.4p1 we patched ssh-keysign.c and it worked as
expected. When we use the same ssh-keysign with the 3.6.1 distribution
it also works as expected.
Have other people noticed this? Is it so on other OSes? Is there a
patch anyway?
openssh was configured:
./configure --with-libs=-lresolv --sysconfdir=/etc/ssh --with-pam
Anthony.
--
Anthony R Iano-Fletcher Anthony.Iano-Fletcher at nih.gov
http://cbel.cit.nih.gov/~arif
CBEL, CIT, NIH, Bethesda, MD, USA.
Phone: (+1) 301 402 1741.
On Wed, 2 Apr 2003, Anthony R Iano-Fletcher wrote:> The latter versions of openssh (3.4,3.5 and 3.6.1) all seem to suffer > from a broken ssh-keysign binary. This causes HostbasedAuthentication to > fail.Did you add "EnableSSHKeysign yes" to your ssh_config ? [snip] -- Tim Rice Multitalents (707) 887-1469 tim at multitalents.net