Hosting Provided By

SSH incompatibility issue ?

From: Dave Lewis <dave(at)dsl-co.com>
Date: Tue Jul 29 2003 - 07:40:45 EDT

Hey,

I've got a rather odd issue that I'm hoping you have seen before and you can straighten out..

I have a solaris 2.6 box running OpenSSH_3.6.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
(openssl 0.9.7b) and I'm trying to connect to an existing solaris box running SSH-1.4-1.2.14
using ssh1..

I'll work no problem for a while and then my users will start getting

Warning: Server lies about size of server public key: actual size is 1151 bits vs. announced 1152.
Warning: This may be due to an old implementation of ssh. respond_to_rsa_challenge: server_key 1151 < host_key 1024 + SSH_KEY_BITS_RESERVED 128 And it stops working..

Unfortunately I have no control over the other box so I can't make any changes to it but I can do
whatever I want on the one running openssh/openssl. Is there anyway I can stop this from
happening and can anyone explain why this keeps happening ? I fixed it once by deleting my host keys and recreating them.. but I don't see how that could
fix it so maybe it was just a fluke..

below is a -v connection so you can see what's happening..

server1% ssh -v dlewis@server2
OpenSSH_3.6.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090702f debug1: Reading configuration data /usr/local/etc/ssh_config debug1: Rhosts Authentication disabled, originating port will not be trusted.

debug1: Connecting to server2 [10.10.10.10] port 22.
debug1: Connection established.
debug1: identity file /opt/home/reach/.ssh/identity type -1
debug1: identity file /opt/home/reach/.ssh/id_rsa type -1
debug1: identity file /opt/home/reach/.ssh/id_dsa type -1
debug1: Remote protocol version 1.4, remote software version 1.2.14
debug1: match: 1.2.14 pat 1.2.1*,1.2.2*,1.2.3*
debug1: Enabling compatibility mode for protocol 1.3
debug1: Local version string SSH-1.3-OpenSSH_3.6.1p1
debug1: Waiting for server public key.

Warning: Server lies about size of server public key: actual size is 1151 bits vs. announced 1152.
Warning: This may be due to an old implementation of ssh.

debug1: Received server public key (1151 bits) and host key (1024 bits).
debug1: Host 'server2' is known and matches the RSA1 host key.
debug1: Found key in /opt/home/reach/.ssh/known_hosts:1

respond_to_rsa_challenge: server_key 1151 < host_key 1024 + SSH_KEY_BITS_RESERVED 128
debug1: Calling cleanup 0x2cae4(0x0)
server1%

Do you need help?

Thanks in advance for any help you can provide.

Dave Received on Tue Jul 29 18:48:00 2003

This message: [ Message body ]
Next message: Dan Gapinski: "Re: Keyboard-interactive authentication refused?"
Previous message: Reid Johnson: "Bootable CD Problems"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:03:01 EDT