bugzilla-daemon at mindrot.org
2002-Jul-17 14:55 UTC
[Bug 357] New: SSH does not handle "Protocol" option in ~/.ssh/options properly
http://bugzilla.mindrot.org/show_bug.cgi?id=357 Summary: SSH does not handle "Protocol" option in ~/.ssh/options properly Product: Portable OpenSSH Version: -current Platform: ix86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-unix-dev at mindrot.org ReportedBy: dfs at roaringpenguin.com Running OpenSSH 3.4p1 on Linux. Here's the contents of ~/.ssh/options: Host * UsePrivilegedPort no Protocol 1 Host shevy HostName shevy.roaringpenguin.com User dfs Protocol 2 Port 23 When I do "ssh -v shevy", we see: OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f debug1: Reading configuration data /home/dfs/.ssh/config debug1: Applying options for * debug1: Applying options for shevy debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: ssh_connect: needpriv 0 debug1: Connecting to shevy.roaringpenguin.com [192.168.2.1] port 23. debug1: Connection established. debug1: identity file /home/dfs/.ssh/identity type 0 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1 debug1: match: OpenSSH_3.4p1 pat OpenSSH* debug1: Local version string SSH-1.5-OpenSSH_3.4p1 debug1: Waiting for server public key. debug1: Received server public key (768 bits) and host key (1024 bits). debug1: Host 'shevy.roaringpenguin.com' is known and matches the RSA1 host key. debug1: Found key in /home/dfs/.ssh/known_hosts:7 debug1: Encryption type: 3des debug1: Sent encrypted session key. debug1: cipher_init: set keylen (16 -> 32) debug1: cipher_init: set keylen (16 -> 32) debug1: Installing crc compensation attack detector. debug1: Received encrypted confirmation. debug1: Trying RSA authentication via agent with 'dfs at shishi.skoll.ca' debug1: Received RSA challenge from server. debug1: Sending response to RSA challenge. debug1: Remote: RSA authentication accepted. debug1: RSA authentication accepted by server. debug1: Requesting pty. debug1: fd 3 setting TCP_NODELAY debug1: Requesting shell. debug1: Entering interactive session. Last login: Wed Jul 17 10:47:58 2002 from shishi.roaringpenguin.com As you see, it used Protocol 1 instead of Protocol 2. When I explicitly put -2 on the command line, it works as expected: $ ssh -v -2 shevy OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f debug1: Reading configuration data /home/dfs/.ssh/config debug1: Applying options for shevy debug1: Reading configuration data /etc/ssh/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted. debug1: ssh_connect: needpriv 0 debug1: Connecting to shevy.roaringpenguin.com [192.168.2.1] port 23. debug1: Connection established. debug1: identity file /home/dfs/.ssh/id_rsa type -1 debug1: identity file /home/dfs/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.4p1 debug1: match: OpenSSH_3.4p1 pat OpenSSH* Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.4p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: dh_gen_key: priv key bits set: 119/256 debug1: bits set: 1598/3191 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY ... ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
Thomas Binder
2002-Jul-17 15:49 UTC
[Bug 357] New: SSH does not handle "Protocol" option in ~/.ssh/options properly
Hi! On Thu, Jul 18, 2002 at 12:55:00AM +1000, bugzilla-daemon at mindrot.org wrote:> Running OpenSSH 3.4p1 on Linux. Here's the contents of ~/.ssh/options: > > Host * > UsePrivilegedPort no > Protocol 1 > > Host shevy > HostName shevy.roaringpenguin.com > User dfs > Protocol 2 > Port 23 > > When I do "ssh -v shevy", we see: > [...] > As you see, it used Protocol 1 instead of Protocol 2. When I > explicitly put -2 on the command line, it works as expected:You should read the documentation. From ssh_config's manpage: -- snip -- Since the first obtained value for each parameter is used, more host-specific declarations should be given near the beginning of the file, and general defaults at the end. -- snap -- Ciao Thomas
Possibly Parallel Threads
- [Bug 357] SSH does not handle "Protocol" option in ~/.ssh/options properly
- [Bug 342] New: RhostsRSAAuthentication does not work with 3.4p1
- [Bug 369] Inconsistant exiit status from scp
- kerberosIV authentication is broken in openssh-3.4p1
- rsync error: error in rsync protocol data stream (code 12) at io.c(189)