savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Savannah-hackers] Re: suddenly lost CVS access to subversions.gnu.org

From: Karl Fogel
Subject: [Savannah-hackers] Re: suddenly lost CVS access to subversions.gnu.org
Date: 05 Apr 2003 14:10:37 -0600
User-agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3.50 
Mathieu Roy <address@hidden> writes:
> I'm puzzled as we got
>         Accepted rsa for kfogel from 65.42.95.175 port 37964
> in the logs.

Wow.  That's strange, yeah.

> Can you provide the content of /etc/ssh/ssh_config

Suer.  Note that my system is not OpenBSD (I guess the file was
inherited from some OpenBSD tree at some point).  I've indented
everything by three spaces; the file looks to be all comments anyway:

   #    $OpenBSD: ssh_config,v 1.10 2001/04/03 21:19:38 todd Exp $
   
   # This is ssh client systemwide configuration file.  See ssh(1) for more
   # information.  This file provides defaults for users, and the values can
   # be changed in per-user configuration files or on the command line.
   
   # Configuration data is parsed as follows:
   #  1. command line options
   #  2. user-specific file
   #  3. system-wide file
   # Any configuration value is only changed the first time it is set.
   # Thus, host-specific definitions should be at the beginning of the
   # configuration file, and defaults at the end.
   
   # Site-wide defaults for various options
   
   # Host *
   #   ForwardAgent no
   #   ForwardX11 no
   #   RhostsAuthentication no
   #   RhostsRSAAuthentication yes
   #   RSAAuthentication yes
   #   PasswordAuthentication yes
   #   FallBackToRsh no
   #   UseRsh no
   #   BatchMode no
   #   CheckHostIP yes
   #   StrictHostKeyChecking yes
   #   IdentityFile ~/.ssh/identity
   #   IdentityFile ~/.ssh/id_dsa
   #   IdentityFile ~/.ssh/id_rsa
   #   Port 22
   #   Protocol 2,1
   #   Cipher blowfish
   #   EscapeChar ~

> Does your connection with your rsa1 keys (identity) works somewhere
> else?

I don't know; mainly I connect to machines using DSA.  I'll try
reversing the Protocol order in my ~/.ssh/config...

Holy cow!  That did it!

If ~/.ssh/config has

   Protocol 2,1

as its first line, then I see the same symptoms we've been seeing.
But if I switch it to:

   Protocol 1,2

then the cvs update of my Emacs tree works.

So, it appears there's some bug in OpenSSH 3.0.2p1, whereby the top
level Protocol specification in the config file cannot be overridden,
neither by the command line, nor by a Host section later in the config
file.

But I can't find anything about such a bug on Google, so perhaps
something more complex is going on here...

Anyway, I have a workaround now, even if a clumsy one.  If I find out
anything more about this problem, I'll let you know.

Thanks for all your help,
-Karl
reply via email to
[Prev in Thread] Current Thread [Next in Thread]