savannah-hackers
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Savannah-hackers] Trouble using ssh

From: Daniel Lemire
Subject: Re: [Savannah-hackers] Trouble using ssh
Date: Mon, 9 Feb 2004 10:32:12 -0400
User-agent: KMail/1.5.2 
No. I generated different keys on each account. I make sure there are not \n 
or \r before uploading the public key but if I were to do this, savannah 
would get wrong the number of keys I have which it doesn't.

Just to be complete, I'll redo every step again on yet another machine...

Here's what I just did...

address@hidden .ssh]$ echo "Protocol 2" > ~/.ssh/config
address@hidden .ssh]$ ssh-keygen -t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/lemired/.ssh/id_dsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/lemired/.ssh/id_dsa.
Your public key has been saved in /home/lemired/.ssh/id_dsa.pub.
The key fingerprint is:
46:46:58:9d:f5:b0:d5:c8:78:aa:fe:3d:83:a1:96:48 address@hidden
address@hidden .ssh]$ ssh -V
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f

I've uploaded it and will wait an hour. I now have 4 different keys uploaded 
and savannah agrees with me that there are exactly 4 keys (but recall that 
this is the second time I do this exercice since I also did it before the 
crash).

Now, this will fail once more because I've done so many times now. At least 3 
times (this will be the fourth) since after savannah got hacked. No, I'm not 
being pessimistic, I'm just being realistic.

-- 
Daniel Lemire, Ph.D.
Research Officer, National Research Council of Canada
Adjunct Professor, University of New Brunswick
http://www.ondelette.com/acadia/


> I just created a test account, followed your steps, and could
> successfully connect to savannah.gnu.org via ssh after an hour.
> I also have OpenSSH_3.1p1 under GNU/Linux (RedHat 7.3).
>
> Your log points out that the key is not recognised by savannah.gnu.org.
> I think you already checked it, but to confirm, could you check it
> again (and that there is no linebreak inside it)?
>
> Otherwise, I suggest you remove and reupload it
> (https://savannah.gnu.org/account/editsshkeys.php), waiting an hour
> (the cron delay) each time.
>
>
> Actually, I assumed your tried each experiment with the same SSH key.
> Am I wrong?
>
> --
> Sylvain
>
> Daniel Lemire wrote :
> > Good day,
> >
> > I've tried just about everything I could think of, and I still cannot
> > connect
> > to savannah using ssh.
> >
> > Please help me.
> >
> >
> >
> > Ok, so what I did was to follow the instruction on
> > https://savannah.gnu.org/faq/?group_id=5802&question=How_do_I_configure_m
> >y_SSH_access.txt
> >
> > To be sure, I tried several machines I have access to.
> >
> > On one machine, I use OpenSSH_3.7.1p2 under FreeBSD on the other, I
> > use
> > OpenSSH_3.1p1 under Linux.
> >
> > On both machines, I do
> >
> > echo "Protocol 2" > ~/.ssh/config
> >
> > first.
> >
> > Then I do
> > "ssh-keygen -t dsa"
> >
> > This will general, in .ssh, the following files... (I used the default
> > names)
> >  id_dsa          id_dsa.pub
> >
> > I've then uploaded "id_dsa.pub" to the server.
> >
> > Then I've waited many days.
> >
> > Then I get asked for a password whichis my doom... of course...
> >
> > ssh address@hidden
> > (much deleted here)
> > debug1: Host 'savannah.nongnu.org' is known and matches the RSA host
> > key.
> > debug1: Found key in /home/lemire/.ssh/known_hosts:15
> > debug1: bits set: 1616/3191
> > debug1: ssh_rsa_verify: signature correct
> > debug1: kex_derive_keys
> > debug1: newkeys: mode 1
> > debug1: SSH2_MSG_NEWKEYS sent
> > debug1: waiting for SSH2_MSG_NEWKEYS
> > debug1: newkeys: mode 0
> > debug1: SSH2_MSG_NEWKEYS received
> > debug1: done: ssh_kex2.
> > debug1: send SSH2_MSG_SERVICE_REQUEST
> > debug1: service_accept: ssh-userauth
> > debug1: got SSH2_MSG_SERVICE_ACCEPT
> > debug1: authentications that can continue:
> > publickey,password,keyboard-interactive
> > debug1: next auth method to try is publickey
> > debug1: try privkey: /home/lemire/.ssh/id_rsa
> > debug1: try pubkey: /home/lemire/.ssh/id_dsa
> > debug1: authentications that can continue:
> > publickey,password,keyboard-interactive
> > debug1: next auth method to try is keyboard-interactive
> > debug1: authentications that can continue:
> > publickey,password,keyboard-interactive
> > debug1: next auth method to try is password
> > address@hidden's password:
> >
> >
> > and it goes downhill from here...
> >
> > I've actually repeated the experiment with 4 different machines, not
> > only 2,
> > but you get my point. I also did this before and after savannah got
> > hacked. I
> > seem to be getting exactly the same result...
> >
> > Underlying my plea for help is a "why does this need to be so complex
> > when
> > sourceforge has a much simpler approach and they don't seem to get
> > hacked so
> > much..." but I'll leave that for another day.
> >
> > Thanks!
reply via email to
[Prev in Thread] Current Thread [Next in Thread]