Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > secureshell > 03 > 020419.html (Request Expert securityfocus.com Support)

RE: OpenSSH_3.5p1 server, PC clients cannot connect

From: Greg Paik <gpaik(at)smithandhawken.com>
Date: Thu Feb 20 2003 - 13:56:34 EST


Did you upgrade a from a previous version of OpenSSH on the server in question? If you did, you probably just changed the host key. That would explain the "Failed SSH Key Exchange" error. Just delete the entry for the server in the known_hosts file for each of the clients.

Also, have you checked the logs on the server side? Or run sshd in debug mode? The first may not have any useful information without running sshd in debug, but you never know...

Otherwise, are you able to sftp to the server from a UNIX/Linux host and run sftp with the "-vvv" options for verbose output?

Greg

P.S.- What the heck are you doing running SunOS 4.1.4?!?

-----Original Message-----
From: John Mendenhall [mailto:john@surfutopia.net] Sent: Wednesday, February 19, 2003 4:20 PM To: secureshell@securityfocus.com
Subject: OpenSSH_3.5p1 server, PC clients cannot connect

I have setup an OpenSSH_3.5p1 ssh/sftp server on my SunOS 4.1.4 box. I can ssh to it just fine. The problem is SFTP from certain clients.

I can SFTP to it using my OpenSSH_3.5p1 sftp client. I can SFTP to it from MacSFTP from MacSSH.org, version 1.0.5. However, I have several clients that cannot connect. I have had them try CuteFTP Pro v2, v3, WS_FTP Pro v7.62, PuTTy pSFTP. None are able to connect.

Do you need help?X

WS_FTP Pro gives the error:

  Failed SSH Key Exchange

PuTTy gives the error message:

  Fatal: unable to initialise SFTP: could not connect

CuteFTP just seems to hang there.

I have turned on DEBUG logging and they each appear to stop at different places.

I did some searching and increased the Login time from 2 minutes to 5 minutes. No change. I turned off PrivSep. No apparent change. Compression is still on. I run the daemon with '-u0' to increase DNS lookup speed. I have included my config file below my signature.

Does anyone have any idea what I could be doing wrong? I would really like this to work for my PC/Win clients. Please let me know if you need any additional information to diagnose these clients.

Do you need more help?X

Thank you very much in advance.

JohnM 

-- 
John Mendenhall
john@surfutopia.net
surf utopia
internet services


-----  sshd_config  -----

#       $OpenBSD: sshd_config,v 1.59 2002/09/25 11:17:16 markus Exp $


# This is the sshd server system-wide configuration file.  See



# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin


# The strategy used for options in the default sshd_config shipped with





#Port 22


Protocol 2

#ListenAddress 0.0.0.0


# HostKey for protocol version 1


HostKey /usr/local/etc/ssh_host_key

# HostKeys for protocol version 2


HostKey /usr/local/etc/ssh_host_rsa_key
HostKey /usr/local/etc/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key


# Logging


SyslogFacility AUTH


#LogLevel INFO


LogLevel DEBUG


# Authentication:



#LoginGraceTime 120


LoginGraceTime 300


#PermitRootLogin yes


PermitRootLogin no


#StrictModes yes


#RSAAuthentication yes


# rhosts authentication should not be used


# To disable tunneled clear text passwords, change to no here!


# Change to no to disable s/key passwords


# Kerberos options



#AFSTokenPassing no


# Kerberos TGT Passing only works with the AFS kaserver


# Set this to 'yes' to enable PAM keyboard-interactive authentication


#X11Forwarding no


# 20030219 jem turned off Privilege Separation for Putty pSFTP to work


UsePrivilegeSeparation no
PermitUserEnvironment no


#Compression yes


#MaxStartups 10


# override default of no subsystems


Subsystem       sftp    /usr/local/libexec/sftp-server
Received on Thu Feb 20 14:43:52 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:54 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library