Bugzilla – Attachment 256 Details for
Bug 516
RhostsAuthentication failing with privsep
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
sshd & ssh debug traces for rhosts authentication
sshd.debug (text/plain), 9.32 KB, created by
Darren Tucker
on 2003-03-24 20:58:15 AEDT
(
hide
)
Description:
sshd & ssh debug traces for rhosts authentication
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2003-03-24 20:58:15 AEDT
Size:
9.32 KB
patch
obsolete
># sshd without privsep > >$ sudo ./sshd -ddd -p 2022 -o RhostsAuthentication=yes -o IgnoreRhosts=no -o UsePrivilegeSeparation=no >debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper >debug1: sshd version OpenSSH_3.5p1 >debug1: private host key: #0 type 0 RSA1 >debug3: Not a RSA1 key file /usr/local/etc/ssh_host_rsa_key. >debug1: read PEM private key done: type RSA >debug1: private host key: #1 type 1 RSA >debug3: Not a RSA1 key file /usr/local/etc/ssh_host_dsa_key. >debug1: read PEM private key done: type DSA >debug1: private host key: #2 type 2 DSA >debug1: Bind to port 2022 on 0.0.0.0. >Server listening on 0.0.0.0 port 2022. >Generating 768 bit RSA key. >RSA key generation complete. >debug1: Server will not fork when running in debugging mode. >Connection from 127.0.0.1 port 874 >debug1: Client protocol version 1.5; client software version OpenSSH_3.5p1 >debug1: match: OpenSSH_3.5p1 pat OpenSSH* >debug1: Local version string SSH-1.99-OpenSSH_3.5p1 >debug1: Sent 768 bit server key and 1024 bit host key. >debug1: Encryption type: 3des >debug1: cipher_init: set keylen (16 -> 32) >debug1: cipher_init: set keylen (16 -> 32) >debug1: Received session key; encryption turned on. >debug1: Installing crc compensation attack detector. >debug1: Attempting authentication for root. >debug3: Trying to reverse map address 127.0.0.1. >debug2: auth_rhosts2: clientuser root hostname localhost ipaddr 127.0.0.1 >debug1: temporarily_use_uid: 0/0 (e=0/0) >debug1: restore_uid: 0/0 >debug1: temporarily_use_uid: 0/0 (e=0/0) >debug1: restore_uid: 0/0 >Accepted rhosts for root from 127.0.0.1 port 874 ruser root >debug1: session_new: init >debug1: session_new: session 0 >debug1: Exec command 'echo yes' >debug1: Entering interactive session. >debug1: fd 7 setting O_NONBLOCK >debug2: fd 7 is O_NONBLOCK >debug1: fd 9 setting O_NONBLOCK >debug1: fd 3 setting O_NONBLOCK >debug1: fd 8 setting O_NONBLOCK >debug1: server_init_dispatch_13 >debug1: server_init_dispatch_15 >debug1: End of interactive session; stdin 0, stdout (read 4, sent 4), stderr 1075 bytes. >debug1: Command exited with status 0. >debug1: Received exit confirmation. >debug1: session_close: session 0 pid 13366 >Closing connection to 127.0.0.1 > ># sshd w/privsep > >$ ./sshd -ddd -p 2022 -o RhostsAuthentication=yes -o IgnoreRhosts=no >debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper >debug1: sshd version OpenSSH_3.5p1 >debug1: private host key: #0 type 0 RSA1 >debug3: Not a RSA1 key file /usr/local/etc/ssh_host_rsa_key. >debug1: read PEM private key done: type RSA >debug1: private host key: #1 type 1 RSA >debug3: Not a RSA1 key file /usr/local/etc/ssh_host_dsa_key. >debug1: read PEM private key done: type DSA >debug1: private host key: #2 type 2 DSA >debug1: Bind to port 2022 on 0.0.0.0. >Server listening on 0.0.0.0 port 2022. >Generating 768 bit RSA key. >RSA key generation complete. >debug1: Server will not fork when running in debugging mode. >Connection from 127.0.0.1 port 733 >debug1: Client protocol version 1.5; client software version OpenSSH_3.5p1 >debug1: match: OpenSSH_3.5p1 pat OpenSSH* >debug1: Local version string SSH-1.99-OpenSSH_3.5p1 >debug3: privsep user:group 218:211 >debug1: permanently_set_uid: 218/211 >debug1: Sent 768 bit server key and 1024 bit host key. >debug2: Network child is on pid 13420 >debug3: preauth child monitor started >debug3: mm_request_receive entering >debug1: Encryption type: 3des >debug3: mm_request_send entering: type 28 >debug3: mm_request_receive_expect entering: type 29 >debug3: mm_request_receive entering >debug3: monitor_read: checking request 28 >debug3: mm_request_send entering: type 29 >debug3: mm_ssh1_session_id entering >debug3: mm_request_send entering: type 30 >debug1: cipher_init: set keylen (16 -> 32) >debug1: cipher_init: set keylen (16 -> 32) >debug1: Received session key; encryption turned on. >debug2: monitor_read: 28 used once, disabling now >debug3: mm_request_receive entering >debug3: monitor_read: checking request 30 >debug3: mm_answer_sessid entering >debug2: monitor_read: 30 used once, disabling now >debug3: mm_request_receive entering >debug1: Installing crc compensation attack detector. >debug3: mm_getpwnamallow entering >debug3: mm_request_send entering: type 6 >debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM >debug3: mm_request_receive_expect entering: type 7 >debug3: mm_request_receive entering >debug3: monitor_read: checking request 6 >debug3: mm_answer_pwnamallow >debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1 >debug3: mm_request_send entering: type 7 >debug1: Attempting authentication for root. >debug3: mm_auth_password entering >debug3: mm_request_send entering: type 10 >debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD >debug3: mm_request_receive_expect entering: type 11 >debug3: mm_request_receive entering >debug2: monitor_read: 6 used once, disabling now >debug3: mm_request_receive entering >debug3: monitor_read: checking request 10 >debug3: mm_answer_authpassword: sending result 0 >debug3: mm_request_send entering: type 11 >debug3: mm_auth_password: user not authenticated >Failed none for root from 127.0.0.1 port 733 >debug3: mm_request_receive entering >debug3: Trying to reverse map address 127.0.0.1. >debug2: auth_rhosts2: clientuser root hostname 127.0.0.1 ipaddr 127.0.0.1 >debug1: temporarily_use_uid: 0/0 (e=218/211) >debug1: restore_uid: (unprivileged) >Failed rhosts for root from 127.0.0.1 port 733 ruser root >debug1: rcvd SSH_CMSG_AUTH_TIS >Failed challenge-response for root from 127.0.0.1 port 733 >debug3: mm_auth_password entering >debug3: mm_request_send entering: type 10 >debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD >debug3: mm_request_receive_expect entering: type 11 >debug3: mm_request_receive entering >debug3: monitor_read: checking request 10 >debug3: mm_answer_authpassword: sending result 0 >debug3: mm_request_send entering: type 11 >Failed password for root from 127.0.0.1 port 733 >debug3: Trying to reverse map address 127.0.0.1. >debug3: mm_auth_password: user not authenticated >Failed password for root from 127.0.0.1 port 733 >debug3: mm_request_receive entering >Connection closed by 127.0.0.1 >debug1: Calling cleanup 0x200785f0(0x0) >$ exit > ># Corresponding ssh debug to above ># ssh connecting to sshd w/privsep > >$ ./ssh -p 2022 -o RhostsAuthentication=yes -o UsePrivilegedPort=yes -1 localhost -vvv "echo yes" >OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f >debug1: Reading configuration data /usr/local/etc/ssh_config >debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper >debug1: ssh_connect: needpriv 1 >debug1: Connecting to localhost [127.0.0.1] port 2022. >debug3: RNG is ready, skipping seeding >debug1: Allocated local port 874. >debug1: Connection established. >debug1: identity file /root/.ssh/identity type -1 >debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1 >debug1: match: OpenSSH_3.5p1 pat OpenSSH* >debug1: Local version string SSH-1.5-OpenSSH_3.5p1 >debug1: Waiting for server public key. >debug1: Received server public key (768 bits) and host key (1024 bits). >debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts >debug3: check_host_in_hostfile: match line 9 >debug1: Host 'localhost' is known and matches the RSA1 host key. >debug1: Found key in /root/.ssh/known_hosts:9 >debug1: Encryption type: 3des >debug1: Sent encrypted session key. >debug1: cipher_init: set keylen (16 -> 32) >debug1: cipher_init: set keylen (16 -> 32) >debug1: Installing crc compensation attack detector. >debug1: Received encrypted confirmation. >debug1: Trying rhosts authentication. >debug1: Remote: Accepted by .shosts. >debug1: Remote: Accepted host localhost ip 127.0.0.1 client_user root server_user root >debug1: Sending command: echo yes >debug1: Entering interactive session. >debug3: AIX/UsrInfo: set len 23 >debug1: permanently_set_uid: 0/0 >Environment: > [snip] >yes >debug1: Transferred: stdin 0, stdout 4, stderr 1075 bytes in 0.2 seconds >debug1: Bytes per second: stdin 0.0, stdout 19.1, stderr 5130.9 >debug1: Exit status 0 > ># ssh connecting to sshd with privsep > >$ ./ssh -p 2022 -o RhostsAuthentication=yes -o UsePrivilegedPort=yes -1 localhoost -vvv "echo yes" >OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090607f >debug1: Reading configuration data /usr/local/etc/ssh_config >debug3: Seeding PRNG from /usr/local/libexec/ssh-rand-helper >debug1: ssh_connect: needpriv 1 >debug1: Connecting to localhost [127.0.0.1] port 2022. >debug3: RNG is ready, skipping seeding >debug1: Allocated local port 733. >debug1: Connection established. >debug1: identity file /root/.ssh/identity type -1 >debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1 >debug1: match: OpenSSH_3.5p1 pat OpenSSH* >debug1: Local version string SSH-1.5-OpenSSH_3.5p1 >debug1: Waiting for server public key. >debug1: Received server public key (768 bits) and host key (1024 bits). >debug3: check_host_in_hostfile: filename /root/.ssh/known_hosts >debug3: check_host_in_hostfile: match line 9 >debug1: Host 'localhost' is known and matches the RSA1 host key. >debug1: Found key in /root/.ssh/known_hosts:9 >debug1: Encryption type: 3des >debug1: Sent encrypted session key. >debug1: cipher_init: set keylen (16 -> 32) >debug1: cipher_init: set keylen (16 -> 32) >debug1: Installing crc compensation attack detector. >debug1: Received encrypted confirmation. >debug1: Trying rhosts authentication. >debug1: RSA authentication using agent refused. >debug1: Doing challenge response authentication. >debug1: No challenge. >debug1: Doing password authentication. >root@localhost's password: >Permission denied, please try again. >root@localhost's password: ^C > >$ exit
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 516
: 256