Hosting Provided By

Re: OPENSSH 3.4p1-3 on AIX 4.3.3

From: Alf Nicolaysen <Alf.Nicolaysen(at)de.ibm.com>
Date: Fri Feb 14 2003 - 02:55:31 EST

Neil,

thx for your answer so far. I tested it immediately and: It did not work! Here`s the output for the server in debug modus:

debug1: Server will not fork when running in debugging mode. Connection from 9.164.18.128 port 982

debug1: Client protocol version 1.5; client software version OpenSSH_3.4p1
debug1: match: OpenSSH_3.4p1 pat OpenSSH*
debug1: Local version string SSH-1.99-OpenSSH_3.4p1
debug2: Network child is on pid 27530
debug1: Sent 768 bit server key and 1024 bit host key.
debug1: Encryption type: 3des
debug2: monitor_read: 28 used once, disabling now
debug2: monitor_read: 30 used once, disabling nowdebug1: cipher_init: set

keylen (16 -> 32)

debug1: cipher_init: set keylen (16 -> 32)
debug1: Received session key; encryption turned on.
debug1: Installing crc compensation attack detector.
debug2: monitor_read: 6 used once, disabling now
debug1: Attempting authentication for nicolays.

Failed none for nicolays from 9.164.18.128 port 982 Could not reverse map address 9.164.18.128. debug2: auth_rhosts2: clientuser nicolays hostname 9.164.18.128 ipaddr 9.164.18.128
debug1: temporarily_use_uid: 201/1 (e=7) debug1: restore_uid
Failed rhosts for nicolays from 9.164.18.128 port 982 ruser nicolays debug1: rcvd SSH_CMSG_AUTH_TIS
Failed challenge-response for nicolays from 9.164.18.128 port 982

As you can, the client uses an privileged Port and shows up protocol 1.5. At the end of this output, two things are suspicious:

1)Seems to have name-resolution problems with this IP-Adress 9.164.18.128 (the client of course), but DNS is ok
2)Why at the end the server tries to authenticate via the TIS-Auth??

Further ist says "Failed rhosts for nicolays from 9.164.18.128 port 982" What does it exactly mean? Couldn't the server READ the rhosts, in this case .shosts? Or couldn't he simply not find it? Or wrong permissions ? (Strictmode is set to default = no)

Any more help is very much appreciated.

Do you need help?

Thx in advance

Alf Nicolaysen

Neil Martin <Neil@Car-Part.com> on 13.02.2003 21:51:54

To: Alf Nicolaysen/Germany/Contr/IBM@IBMDE cc:
Subject: Re: OPENSSH 3.4p1-3 on AIX 4.3.3

Alf,

I got that working under 3.5 on Solaris using .rhosts by doing something like ssh -o "RhostsAuthentication yes" - o "UsePrivilegedPort yes" - o "Procotol 1". It should work for .shosts

It appears that the version 2 Protocol will not allow rhosts authentication. In order to use the privileged port (low ports) you will need to set the suid bit on ssh or run ssh from the root account. This is very dangerous and insecure since someone would just need to spoof one of your clients IP's and they are in. The recommended method (under 2.0 of the protocol) would be to use ssh-agent to remember your clients pass phrases. This is less vulnerable to spoofing.

Hope this helps.

Do you need more help?

Neil
Alf Nicolaysen wrote:

>Hi all!
There
>is no way, as far as I tested, to use a .shosts file. In any case this
file
>will be ignored, regardless of modes, ownerships or user.
and
>i have to give the password.
trusted.
>
>How can the server machine trust a non-privileged port, that is choosen
Received on Fri Feb 14 13:45:11 2003

This message: [ Message body ]
Next message: Vangli, Bent: "VS: Strange problem with forwarding X11 traffic - solution !!!"
Maybe in reply to: Alf Nicolaysen: "OPENSSH 3.4p1-3 on AIX 4.3.3"
In reply to Wilson, Richard E: "RE: OPENSSH 3.4p1-3 on AIX 4.3.3"
Reply: Alf Nicolaysen: "Re: OPENSSH 3.4p1-3 on AIX 4.3.3"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:54 EDT