Subject: Re: bin/17023: OpenSSH 3.2.1 not compatible with older ssh
To: None <bouyer@antioche.lip6.fr>
From: Chris Pinnock <cjep@fawlty.net>
List: netbsd-bugs
Date: 05/25/2002 19:02:36
On Sat, May 25, 2002 at 07:43:24PM +0200, bouyer@antioche.lip6.fr wrote:
> 
> >Number:         17023
> >Category:       bin
> >Synopsis:       OpenSSH 3.2.1 not compatible with older ssh
> >Confidential:   no
> >Severity:       critical
> >Priority:       high
> >Responsible:    bin-bug-people
> >State:          open
> >Class:          sw-bug
> >Submitter-Id:   net
> >Arrival-Date:   Sat May 25 10:44:03 PDT 2002
> >Closed-Date:
> >Last-Modified:
> >Originator:     
> >Release:        NetBSD 1.6_BETA1 checked out 2 hours ago
> >Organization:
> 
> LIP6, Universite Paris VI.
> 
> >Environment:
> 	
> client: OpenSSH_3.0.2 NetBSD_Secure_Shell-20020307, SSH protocols 1.5/2.0, OpenSSL 0x0090581f, from 1.5.3_BETA2 
> server: SSH-1.99-OpenSSH_3.2.1 NetBSD_Secure_Shell-20020513 from 1.6_BETA1
> >Description:
> 	older ssh client can't connect to the recently-imported sshd:
> 	armandeche:/users/cao/bouyer>ssh -v swing
> 	OpenSSH_3.0.2 NetBSD_Secure_Shell-20020307, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
> 	debug1: Reading configuration data /users/cao/bouyer/.ssh/config
> 	debug1: Reading configuration data /etc/ssh.conf
> 	debug1: Applying options for *
> 	debug1: restore_uid
> 	debug1: ssh_connect: getuid 373 geteuid 0 anon 0
> 	debug1: Connecting to swing [132.227.63.66] port 22.
> 	debug1: Allocated local port 614.
> 	debug1: temporarily_use_uid: 373/20 (e=0)
> 	debug1: restore_uid
> 	debug1: Connection established.
> 	debug1: read PEM private key done: type DSA
> 	debug1: read PEM private key done: type RSA
> 	debug1: identity file /users/cao/bouyer/.ssh/identity type 0
> 	debug1: identity file /users/cao/bouyer/.ssh/id_rsa type -1
> 	debug1: identity file /users/cao/bouyer/.ssh/id_dsa type 2
> 	debug1: Remote protocol version 1.99, remote software version OpenSSH_3.2.1 NetBSD_Secure_Shell-20020513
> 	debug1: match: OpenSSH_3.2.1 NetBSD_Secure_Shell-20020513 pat OpenSSH*
> 	Enabling compatibility mode for protocol 2.0
> 	debug1: Local version string SSH-2.0-OpenSSH_3.0.2 NetBSD_Secure_Shell-20020307
> 	debug1: SSH2_MSG_KEXINIT sent
> 	debug1: SSH2_MSG_KEXINIT received
> 	debug1: kex: server->client aes128-cbc hmac-md5 none
> 	debug1: kex: client->server aes128-cbc hmac-md5 none
> 	debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> 	debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> 	debug1: dh_gen_key: priv key bits set: 131/256
> 	debug1: bits set: 1631/3191
> 	debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> 	debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> 	debug1: Host 'swing' is known and matches the RSA host key.
> 	debug1: Found key in /users/cao/bouyer/.ssh/known_hosts:217
> 	debug1: bits set: 1595/3191
> 	debug1: ssh_rsa_verify: signature correct
> 	debug1: kex_derive_keys
> 	debug1: newkeys: mode 1
> 	debug1: SSH2_MSG_NEWKEYS sent
> 	debug1: waiting for SSH2_MSG_NEWKEYS
> 	debug1: newkeys: mode 0
> 	debug1: SSH2_MSG_NEWKEYS received
> 	debug1: done: ssh_kex2.
> 	debug1: send SSH2_MSG_SERVICE_REQUEST
> 	debug1: service_accept: ssh-userauth
> 	debug1: got SSH2_MSG_SERVICE_ACCEPT
> 	debug1: authentications that can continue: publickey,password,keyboard-interactive,hostbased
> 	debug1: next auth method to try is hostbased
> 	e54b 9eed 6112 391c f0c8 d3fc 335b f57e
> 
> 	Disconnecting: Bad packet length -448028947.
> 	debug1: Calling cleanup 0x8059e90(0x0)
> 
> 	armandeche:/users/cao/bouyer>ssh -v -1 swing
> 	OpenSSH_3.0.2 NetBSD_Secure_Shell-20020307, SSH protocols 1.5/2.0, OpenSSL 0x0090581f
> 	debug1: Reading configuration data /users/cao/bouyer/.ssh/config
> 	debug1: Reading configuration data /etc/ssh.conf
> 	debug1: Applying options for *
> 	debug1: restore_uid
> 	debug1: ssh_connect: getuid 373 geteuid 0 anon 0
> 	debug1: Connecting to swing [132.227.63.66] port 22.
> 	debug1: Allocated local port 613.
> 	debug1: temporarily_use_uid: 373/20 (e=0)
> 	debug1: restore_uid
> 	debug1: Connection established.
> 	debug1: read PEM private key done: type DSA
> 	debug1: read PEM private key done: type RSA
> 	debug1: identity file /users/cao/bouyer/.ssh/identity type 0
> 	debug1: Remote protocol version 1.99, remote software version OpenSSH_3.2.1 NetBSD_Secure_Shell-20020513
> 	debug1: match: OpenSSH_3.2.1 NetBSD_Secure_Shell-20020513 pat OpenSSH*
> 	debug1: Local version string SSH-1.5-OpenSSH_3.0.2 NetBSD_Secure_Shell-20020307
> 	debug1: Waiting for server public key.
> 	debug1: Received server public key (768 bits) and host key (1024 bits).
> 	debug1: Host 'swing' is known and matches the RSA1 host key.
> 	debug1: Found key in /users/cao/bouyer/.ssh/known_hosts:221
> 	debug1: Encryption type: 3des
> 	debug1: Sent encrypted session key.
> 	debug1: Installing crc compensation attack detector.
> 	debug1: Received encrypted confirmation.
> 	debug1: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
> 	Disconnecting: Corrupted check bytes on input.
> 	debug1: Calling cleanup 0x8059e90(0x0)
> 
> 	connecting from a ssh 1.2.27 client still works, though.
> 
> >How-To-Repeat:
> 	try to ssh from a 1.5.x, x>=2 client to a 1.6_BETA1 server.
> >Fix:
> 	unknown.
> >Release-Note:
> >Audit-Trail:
> >Unformatted:

Have you got the sshd user and group id on the 1.6_BETA1? I've just had
the same problem and the error appears to be caused by not having those
id entries.

May 25 18:08:47 voodoolady sshd[19654]: fatal: Privilege separation user sshd does not exist

best wishes,
Chris
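
Added example, not part of the original message and not OpenSSH code: a small triage script that reads the client output quoted above, shows that the reported "Bad packet length" is simply the first four dumped bytes read as a signed big-endian integer (the SSH protocol 2 binary packet starts with a 4-byte packet_length), and pairs that symptom with the server-side privilege separation fatal line. The function names and the 256 KiB sanity bound are assumptions made for illustration; the log lines are copied from this thread.

```python
import re
import struct

# Lines copied from the client debug output and the server syslog in this thread.
CLIENT_LOG = """\
debug1: next auth method to try is hostbased
e54b 9eed 6112 391c f0c8 d3fc 335b f57e

Disconnecting: Bad packet length -448028947.
"""
SERVER_LOG = ("May 25 18:08:47 voodoolady sshd[19654]: fatal: "
              "Privilege separation user sshd does not exist\n")

MAX_PACKET = 256 * 1024  # assumed upper sanity bound, for illustration only

# One dump line: up to eight groups of four hex digits.
DUMP_RE = re.compile(r"^[ \t]*((?:[0-9a-f]{4}[ \t]+){1,7}[0-9a-f]{4})[ \t]*$", re.M)
BADLEN_RE = re.compile(r"Bad packet length (-?\d+)")
PRIVSEP_RE = re.compile(
    r"sshd\[(\d+)\]: fatal: Privilege separation user (\S+) does not exist")


def first_block(log):
    """Return the bytes of the hex dump the client printed, or None."""
    m = DUMP_RE.search(log)
    return bytes.fromhex("".join(m.group(1).split())) if m else None


def triage_client(log):
    """Relate the dumped block to the length in the disconnect message."""
    block = first_block(log)
    reported = BADLEN_RE.search(log)
    if block is None or reported is None:
        return None
    (unsigned_len,) = struct.unpack(">I", block[:4])  # packet_length as uint32
    (signed_len,) = struct.unpack(">i", block[:4])    # same bytes printed signed
    return {
        "unsigned_length": unsigned_len,
        "signed_length": signed_len,
        "matches_reported": signed_len == int(reported.group(1)),
        # An implausible length means the client did not receive a valid
        # packet header at this point; the number itself has no meaning.
        "plausible": 5 <= unsigned_len <= MAX_PACKET,
    }


def triage_server(log):
    """Return (pid, user) for each privilege separation fatal line."""
    return [(int(pid), user) for pid, user in PRIVSEP_RE.findall(log)]


if __name__ == "__main__":
    print(triage_client(CLIENT_LOG))
    print(triage_server(SERVER_LOG))
```
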