Re: [Savannah-hackers] Trouble using ssh

[Sylvain Beucler]

Hello,

All documents that mention SSH v1 are obsolete, since Savannah upgraded 
to v2 after the crack. If you find again any reference to v1, it would 
be nice to submit a bug request - I had submitted one today for the 
reference to "identity.pub" (which is the default public key file for 
v1) in the FAQ that you also mentioned.

There is no password on savannah.gnu.org. The passphrase is another 
password you personaly put on your ssh key.

The log seems to show you could log to savannah.gnu.org. However, I do 
not know in what extend sftp currently works, since it cannot be used 
for uploads anymore (I never used it since I made my first file upload 
after the crack). The best way to check whether SSH works is to commit 
a change to the CVS repository of one of your projects.

The fact you are asked a passphrase is strange. Could you tell me if 
you entered some text here:
  Enter file in which to save the key (/home/lemired/.ssh/id_dsa):
  Enter passphrase (empty for no passphrase):
  Enter same passphrase again:
and here:
  debug1: read PEM private key done: type <unknown>
  Enter passphrase for key '/home/lemired/.ssh/id_dsa':
  debug1: read PEM private key done: type DSA
?

--
Sylvain


Daniel Lemire wrote :
> Good day,
>
> For some unknown reason, it will now ask for my passphrase instead of
> my
> password, which I guess is a form of progress. This is on one machine.
> Other
> machines are still stubborn and will still ask for password. I don't
> know
> exactly what differ between them. I suppose I could not copy over my
> keys
> from that one machine and disseminate them... fair enough...
>
> It is very modest progress though since I cannot connect anyhow. For
> example,
> I should be able to do "sftp  address@hidden:/lemur" since
> one of
> my projects is called "lemur". Strictly speaking, the doc says to use
> "sftp
> -1", but because I was told explicitely to disable Protocol 1 before,
> and I
> did, then it is too late to switch back and will out anger ssh.
>
> The gist of it is "Request for subsystem 'sftp' failed on channel 0".
>
> Here's the result below...
>
>
>  address@hidden lemired]$ sftp -v
> address@hidden:/lemur
> Connecting to savannah.nongnu.org...
> OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
> debug1: Reading configuration data /home/lemired/.ssh/config
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Rhosts Authentication disabled, originating port will not be
> trusted.
> debug1: restore_uid
> debug1: ssh_connect: getuid 500 geteuid 0 anon 1
> debug1: Connecting to savannah.nongnu.org [199.232.41.4] port 22.
> debug1: temporarily_use_uid: 500/500 (e=0)
> debug1: restore_uid
> debug1: temporarily_use_uid: 500/500 (e=0)
> debug1: restore_uid
> debug1: Connection established.
> debug1: read PEM private key done: type DSA
> debug1: read PEM private key done: type RSA
> debug1: identity file /home/lemired/.ssh/id_rsa type -1
> debug1: identity file /home/lemired/.ssh/id_dsa type 2
> debug1: Remote protocol version 2.0, remote software version
> OpenSSH_3.4p1
> Debian 1:3.4p1-1.woody.3.1
> debug1: match: OpenSSH_3.4p1 Debian 1:3.4p1-1.woody.3.1 pat OpenSSH*
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.1p1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 132/256
> debug1: bits set: 1636/3191
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host 'savannah.nongnu.org' is known and matches the RSA host
> key.
> debug1: Found key in /home/lemired/.ssh/known_hosts:7
> debug1: bits set: 1564/3191
> debug1: ssh_rsa_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug1: next auth method to try is publickey
> debug1: try privkey: /home/lemired/.ssh/id_rsa
> debug1: try pubkey: /home/lemired/.ssh/id_dsa
> debug1: Remote: Forced command: cvs server
> debug1: Remote: Pty allocation disabled.
> debug1: Remote: Port forwarding disabled.
> debug1: Remote: Agent forwarding disabled.
> debug1: Remote: X11 forwarding disabled.
> debug1: input_userauth_pk_ok: pkalg ssh-dss blen 433 lastkey 0x8086d60
> hint 1
> debug1: PEM_read_PrivateKey failed
> debug1: read PEM private key done: type <unknown>
> Enter passphrase for key '/home/lemired/.ssh/id_dsa':
> debug1: read PEM private key done: type DSA
> debug1: Remote: Forced command: cvs server
> debug1: Remote: Pty allocation disabled.
> debug1: Remote: Port forwarding disabled.
> debug1: Remote: Agent forwarding disabled.
> debug1: Remote: X11 forwarding disabled.
> debug1: ssh-userauth2 successful: method publickey
> debug1: fd 4 setting O_NONBLOCK
> debug1: channel 0: new [client-session]
> debug1: send channel open 0
> debug1: Entering interactive session.
> debug1: ssh_session2_setup: id 0
> debug1: Sending subsystem: sftp
> debug1: channel request 0: subsystem
> debug1: channel 0: open confirm rwindow 0 rmax 32768
> Request for subsystem 'sftp' failed on channel 0
> debug1: Calling cleanup 0x80583c0(0x0)
> debug1: channel_free: channel 0: client-session, nchannels 1
> debug1: Calling cleanup 0x80634c0(0x0)
> Couldn't read packet: Connection reset by peer