Bug 744 - Login Problems
Summary: Login Problems
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: scp (show other bugs)
Version: 3.7p1
Hardware: SPARC All
: P2 normal
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-10-16 01:09 AEST by Frank Beckmann
Modified: 2004-04-14 12:24 AEST (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Frank Beckmann 2003-10-16 01:09:58 AEST 
Hello 

something is wrong:
ssh -o fbeckman@10.128.46.46
Password:
Password:
Password:
fbeckman@10.128.46.46's password:
Permission denied, please try again.
fbeckman@10.128.46.46's password:
Permission denied, please try again.
fbeckman@10.128.46.46's password:

scp /etc/ssh_config fbeckman@10.128.46.46:/tmp/
Password: 
Response: < i not give anything by Passwort he jum direct to Response

I can Loginwith the corrcet password, but the Response is not ok ...

SunOS unknown 5.8 Generic_108528-23 sun4u sparc SUNW,Ultra-5_10

gcc (GCC) 3.3.1
Copyright (C) 2003 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

OpenSSH_3.7.1p2, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003

./configure --prefix=/usr --sysconfdir=/etc --with-pid-dir=/etc --
libexecdir=/usr/bin --x-libraries=/usr/openwin \
--with-pam --with-ssl-dir=/opt/openssl-0.9.7c --with-entropy-timeout=2000  \
--with-zlib=/home/fbeckman/zlib-new \
--mandir=/usr/share/man --without-rpath

CFLAGS="-m32 -mcpu=ultrasparc -O3"
Comment 1 Darren Tucker 2003-10-16 10:57:06 AEST 
> Password: 
> Response: < i not give anything by Passwort he jum direct to Response

That looks like SSHv1 TIS Challenge/Response authentication, which is how PAM
now works with SSHv1.

"Password:" is the challenge.  The "Response" it wants it your password.  Try
connecting with SSHv2 keyboard-interactive (ssh -o
PreferredAuthentications=keyboard-interactive [hostname]).

I suggest changing sshd_config to have:
UsePAM yes
PasswordAuthentication no
ChallengeResponseAuthentication yes

and ssh_config to have
Protocol 2,1
Comment 2 Frank Beckmann 2003-10-16 16:31:24 AEST 
Hi :-)

for old Stuff we have Protocl 1,2 in /etc/ssh_config, the user have in 
~HOME/.ssh/config Protocoll 2.

I have testet the scp as user ixfbeckm uid=0, the homedir contains the config.
when i use ssh he use the config file, but not by scp it build a Protocol 1 
Connection.

Ok.. The problem is Protocol 1... why scp dont use the config file ?

Exceed with ssh Support dosent run, with 3.7.1p2
No login promp by
PasswordAuthentication no
Login prompt:
PasswordAuthentication yes
but auth error... :-( (ldap user)

SSH Client from ssh.org run, after passwort commes ab button for respons.
Putty and winscp runs fine...

Frank
Comment 3 Darren Tucker 2003-11-20 00:34:04 AEDT 
The issue with scp and auto selection of Protocol 1/2 is discussed at length in
bug #742.
Comment 4 Darren Tucker 2003-12-18 17:15:13 AEDT 
I think this is now resolved, can it be closed?
Comment 5 Darren Tucker 2003-12-22 20:47:43 AEDT 
Please re-open if you can reproduce with -current with UsePAM=yes,
PasswordAuthentication=no and ChallengeResponseAuthentication=yes.
Comment 6 Damien Miller 2004-04-14 12:24:19 AEST 
Mass change of RESOLVED bugs to CLOSED