This is the mail archive of the cygwin mailing list for the Cygwin project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Openssh compatibility problem?

From: Michael Makuch <gmanedotorg at makuch dot org>
To: cygwin at cygwin dot com
Date: Tue, 30 Dec 2008 19:30:52 -0600
Subject: Openssh compatibility problem?

Recently installed latest cygwin and can't ssh to it from older openssh rev.
Is there a known compatibility problem?

3 systems: plum, oak, pecan

I can ssh from pecan to oak. I cannot ssh from pecan to plum, it appears to timeout.

Versions of the 3 systems:

plum $ uname -a
CYGWIN_NT-5.1 plum 1.5.25(0.156/4/2) 2008-06-12 19:34 i686 Cygwin
plum $ ssh -V
OpenSSH_5.1p1, OpenSSL 0.9.8i 15 Sep 2008

oak $ uname -a Linux oak 2.6.27.5-117.fc10.x86_64 #1 SMP Tue Nov 18 11:58:53 EST 2008 x86_64 x86_64 x86_64 GNU/Linux oak $ cat /etc/fedora-release Fedora release 10 (Cambridge) oak $ ssh -V OpenSSH_5.1p1, OpenSSL 0.9.8g 19 Oct 2007

pecan $ uname -a Linux pecan 2.6.23.17-88.fc7 #1 SMP Thu May 15 00:35:10 EDT 2008 i686 i686 i386 GNU/Linux pecan $ cat /etc/fedora-release Fedora release 7 (Moonshine) pecan $ ssh -V OpenSSH_4.5p1, OpenSSL 0.9.8b 04 May 2006

Sessions:

ssh from pecan to plum appears to timeout:

pecan $ ssh -vvvv plum OpenSSH_4.5p1, OpenSSL 0.9.8b 04 May 2006 debug1: Reading configuration data /home2/mkm/.ssh/config debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to plum [192.168.2.21] port 22. debug1: Connection established. debug1: identity file /home2/mkm/.ssh/identity type -1 debug3: Not a RSA1 key file /home2/mkm/.ssh/id_rsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace [snip more of same] debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home2/mkm/.ssh/id_rsa type 1 debug1: identity file /home2/mkm/.ssh/id_dsa type -1 ssh_exchange_identification: Connection closed by remote host

ssh from pecan to oak works a.o.k:

pecan $ ssh -vvvvv oak
OpenSSH_4.5p1, OpenSSL 0.9.8b 04 May 2006
debug1: Reading configuration data /home2/mkm/.ssh/config
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to oak [192.168.2.15] port 22.
debug1: Connection established.
debug1: identity file /home2/mkm/.ssh/identity type -1
debug3: Not a RSA1 key file /home2/mkm/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
[snip more of same]
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home2/mkm/.ssh/id_rsa type 1
debug1: identity file /home2/mkm/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5
[snip lots more lines then successful login]

ssh from oak to plum works a.o.k:
oak $ ssh -vvv mark@plum
OpenSSH_5.1p1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to plum [192.168.2.21] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_5.1
debug1: match: OpenSSH_5.1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.1
[snip succeeds]


config files:
plum $ grep -v "^#" /etc/sshd_config|grep  -i "[a-z]"
Port 22
Protocol 2,1
StrictModes no
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
UsePrivilegeSeparation yes
Subsystem       sftp    /usr/sbin/sftp-server

oak $ grep -v "^#" /etc/ssh/sshd_config|grep  -i "[a-z]"
Protocol 2
SyslogFacility AUTHPRIV
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
X11Forwarding yes
Subsystem       sftp    /usr/libexec/openssh/sftp-server

pecan $ grep -v "^#" /etc/ssh/ssh_config |grep -i "[a-z]" Host * Protocol 2,1 Host * GSSAPIAuthentication yes ForwardX11Trusted yes SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT SendEnv LC_IDENTIFICATION LC_ALL

I prefer to not upgrade the version of openssh on pecan just now if I can avoid it.

I'd appreciate any clues. Thanks.

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]