bugzilla-daemon at mindrot.org
2002-Jul-17 14:55 UTC
[Bug 357] New: SSH does not handle "Protocol" option in ~/.ssh/options properly
http://bugzilla.mindrot.org/show_bug.cgi?id=357
Summary: SSH does not handle "Protocol" option in
~/.ssh/options
properly
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: dfs at roaringpenguin.com
Running OpenSSH 3.4p1 on Linux. Here's the contents of ~/.ssh/options:
Host *
UsePrivilegedPort no
Protocol 1
Host shevy
HostName shevy.roaringpenguin.com
User dfs
Protocol 2
Port 23
When I do "ssh -v shevy", we see:
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
debug1: Reading configuration data /home/dfs/.ssh/config
debug1: Applying options for *
debug1: Applying options for shevy
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to shevy.roaringpenguin.com [192.168.2.1] port 23.
debug1: Connection established.
debug1: identity file /home/dfs/.ssh/identity type 0
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.4p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'shevy.roaringpenguin.com' is known and matches the RSA1
host key.
debug1: Found key in /home/dfs/.ssh/known_hosts:7
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying RSA authentication via agent with 'dfs at
shishi.skoll.ca'
debug1: Received RSA challenge from server.
debug1: Sending response to RSA challenge.
debug1: Remote: RSA authentication accepted.
debug1: RSA authentication accepted by server.
debug1: Requesting pty.
debug1: fd 3 setting TCP_NODELAY
debug1: Requesting shell.
debug1: Entering interactive session.
Last login: Wed Jul 17 10:47:58 2002 from shishi.roaringpenguin.com
As you see, it used Protocol 1 instead of Protocol 2. When I explicitly put -2
on the command line, it works as expected:
$ ssh -v -2 shevy
OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
debug1: Reading configuration data /home/dfs/.ssh/config
debug1: Applying options for shevy
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to shevy.roaringpenguin.com [192.168.2.1] port 23.
debug1: Connection established.
debug1: identity file /home/dfs/.ssh/id_rsa type -1
debug1: identity file /home/dfs/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.4p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 119/256
debug1: bits set: 1598/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
...
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
Thomas Binder
2002-Jul-17 15:49 UTC
[Bug 357] New: SSH does not handle "Protocol" option in ~/.ssh/options properly
Hi! On Thu, Jul 18, 2002 at 12:55:00AM +1000, bugzilla-daemon at mindrot.org wrote:> Running OpenSSH 3.4p1 on Linux. Here's the contents of ~/.ssh/options: > > Host * > UsePrivilegedPort no > Protocol 1 > > Host shevy > HostName shevy.roaringpenguin.com > User dfs > Protocol 2 > Port 23 > > When I do "ssh -v shevy", we see: > [...] > As you see, it used Protocol 1 instead of Protocol 2. When I > explicitly put -2 on the command line, it works as expected:You should read the documentation. From ssh_config's manpage: -- snip -- Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end. -- snap -- Ciao Thomas
Reasonably Related Threads
- [Bug 357] SSH does not handle "Protocol" option in ~/.ssh/options properly
- [Bug 342] New: RhostsRSAAuthentication does not work with 3.4p1
- [Bug 369] Inconsistant exiit status from scp
- kerberosIV authentication is broken in openssh-3.4p1
- rsync error: error in rsync protocol data stream (code 12) at io.c(189)