[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Savannah-hackers] Re: suddenly lost CVS access to subversions.gnu.org
From: |
Mathieu Roy |
Subject: |
[Savannah-hackers] Re: suddenly lost CVS access to subversions.gnu.org |
Date: |
05 Apr 2003 20:18:53 +0200 |
User-agent: |
Gnus/5.09 (Gnus v5.9.0) Emacs/21.2 |
Karl Fogel <address@hidden> said:
> Mathieu Roy <address@hidden> writes:
> > > $ cat ~/.ssh/config
> > > Protocol 2,1
> > > Host cvs.red-bean.com
> > > EscapeChar none
> > > ForwardX11 no
> > > Host subversions.gnu.org
> > > Protocol 1
> >
> > Normally it should work.
> > Please replace
> > Host subversions.gnu.org by Host *gnu.org
> >
> > and retry CVS connection.
>
> Nope, still the same problem. I get prompted for a password:
>
> $ echo $CVS_RSH
> ssh
> $ cd emacs-working-copy
> $ cat CVS/Root
> address@hidden:/cvsroot/emacs
> $ cvs up
> address@hidden's password: [*** try one password ***]
> Permission denied, please try again.
> address@hidden's password: [*** try a second password ***]
> Permission denied, please try again.
> address@hidden's password: [*** try a third password ***]
> Permission denied (publickey,password,keyboard-interactive).
> cvs [update aborted]: end of file from server \
> (consult above messages if any)
> $ cd ..
> $ cvs -d :ext:address@hidden:/cvsroot/emacs co -d tmp emacs
> address@hidden's password: ^C ^C
> cvs [checkout aborted]: received interrupt signal
> $ cat ~/.ssh/config
> Protocol 2,1
> Host cvs.red-bean.com
> EscapeChar none
> ForwardX11 no
> Host *.gnu.org
> Protocol 1
> $
I'm puzzled as we got
Accepted rsa for kfogel from 65.42.95.175 port 37964
in the logs.
But
>
> This is with OpenSSH in a relatively recent installation of Debian
> GNU/Linux. Here's the out put of 'ssh -v -v -v sv.gnu.org' again,
> with "Host *.gnu.org" in my ~/.ssh/config:
>
> $ ssh -v -v -v sv.gnu.org
> OpenSSH_3.0.2p1 Debian 1:3.0.2p1-8, SSH protocols 1.5/2.0, OpenSSL
> 0x0090603f
> debug1: Reading configuration data /home/kfogel/.ssh/config
> debug1: Applying options for *.gnu.org
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Seeding random number generator
> debug1: Rhosts Authentication disabled, originating port will not be
> trusted.
> debug1: restore_uid
> debug1: ssh_connect: getuid 1000 geteuid 0 anon 1
Can you provide the content of /etc/ssh/ssh_config
> debug1: Connecting to sv.gnu.org [199.232.41.3] port 22.
> debug1: temporarily_use_uid: 1000/1000 (e=0)
> debug1: restore_uid
> debug1: temporarily_use_uid: 1000/1000 (e=0)
> debug1: restore_uid
> debug1: Connection established.
> debug1: read PEM private key done: type DSA
> debug1: read PEM private key done: type RSA
> debug1: identity file /home/kfogel/.ssh/identity type 0
-> type 0 is what we are looking for
> debug1: identity file /home/kfogel/.ssh/id_rsa type -1
> debug3: Not a RSA1 key file /home/kfogel/.ssh/id_dsa.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug3: key_read: no key found
> debug2: key_type_from_name: unknown key type 'Proc-Type:'
> debug3: key_read: no key found
> debug2: key_type_from_name: unknown key type 'DEK-Info:'
> debug3: key_read: no key found
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug3: key_read: no space
> debug2: key_type_from_name: unknown key type '-----END'
> debug3: key_read: no key found
> debug1: identity file /home/kfogel/.ssh/id_dsa type 2
> debug1: Remote protocol version 1.99, remote software version
> OpenSSH_3.4p1 Debian 1:3.4p1-0.0woody1
> debug1: match: OpenSSH_3.4p1 Debian 1:3.4p1-0.0woody1 pat ^OpenSSH
> Enabling compatibility mode for protocol 2.0
-> protocol 2.0?
> debug1: Local version string SSH-2.0-OpenSSH_3.0.2p1 Debian 1:3.0.2p1-8
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
-> idem
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,address@hidden
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael256-cbc,address@hidden
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit:
> diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,address@hidden
> debug2: kex_parse_kexinit:
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,address@hidden
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit:
> hmac-md5,hmac-sha1,hmac-ripemd160,address@hidden,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zlib
> debug2: kex_parse_kexinit: none,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_init: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_init: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 134/256
> debug1: bits set: 1625/3191
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug3: check_host_in_hostfile: filename /home/kfogel/.ssh/known_hosts
> debug2: key_type_from_name: unknown key type '1024'
> debug3: key_read: no key found
> debug3: check_host_in_hostfile: match line 149
> debug3: check_host_in_hostfile: filename /home/kfogel/.ssh/known_hosts
> debug2: key_type_from_name: unknown key type '1024'
> debug3: key_read: no key found
> debug3: check_host_in_hostfile: match line 149
> debug1: Host 'sv.gnu.org' is known and matches the RSA host key.
> debug1: Found key in /home/kfogel/.ssh/known_hosts:149
Authentication of the server is ok.
After that, your ssh does not try the rsa1 key (identity).
Normally, you should get a
debug1: Trying RSA authentication with key '/home/xxx/.ssh/identity'
> debug1: bits set: 1567/3191
> debug1: ssh_rsa_verify: signature correct
> debug1: kex_derive_keys
> debug1: newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: waiting for SSH2_MSG_NEWKEYS
> debug1: newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: done: ssh_kex2.
> debug1: send SSH2_MSG_SERVICE_REQUEST
> debug1: service_accept: ssh-userauth
> debug1: got SSH2_MSG_SERVICE_ACCEPT
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug3: start over, passed a different list
> publickey,password,keyboard-interactive
> debug3: preferred publickey,keyboard-interactive,password
> debug3: authmethod_lookup publickey
> debug3: remaining preferred: keyboard-interactive,password
> debug3: authmethod_is_enabled publickey
> debug1: next auth method to try is publickey
> debug1: userauth_pubkey_agent: testing agent key .ssh/id_dsa
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug3: clear_auth_state: key_free 0x8092878
> debug2: userauth_pubkey_agent: no more keys
> debug2: userauth_pubkey_agent: no message sent
> debug1: try privkey: /home/kfogel/.ssh/id_rsa
> debug3: no such identity: /home/kfogel/.ssh/id_rsa
> debug1: try pubkey: /home/kfogel/.ssh/id_dsa
> debug3: send_pubkey_test
> debug2: we sent a publickey packet, wait for reply
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug2: userauth_pubkey_agent: no more keys
> debug2: userauth_pubkey_agent: no message sent
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup keyboard-interactive
> debug3: remaining preferred: password
> debug3: authmethod_is_enabled keyboard-interactive
> debug1: next auth method to try is keyboard-interactive
> debug2: userauth_kbdint
> debug2: we sent a keyboard-interactive packet, wait for reply
> debug1: authentications that can continue:
> publickey,password,keyboard-interactive
> debug3: userauth_kbdint: disable: no info_req_seen
> debug2: we did not send a packet, disable method
> debug3: authmethod_lookup password
> debug3: remaining preferred:
> debug3: authmethod_is_enabled password
> debug1: next auth method to try is password
> address@hidden's password:
> ^C ^C ^C [on seeing the password prompt, I hit ^C to exit]
> $
>
> Any ideas?,
Does your connection with your rsa1 keys (identity) works somewhere
else?
Maybe an explanation is in /etc/ssh/ssh_config
Regards,
--
Mathieu Roy
<< Profile << http://savannah.gnu.org/users/yeupou <<
>> Homepage >> http://yeupou.coleumes.org >>
<< GPG Key << http://stock.coleumes.org/gpg <<