Bug#428968: openssh-server: logging in using my shared keys no longer working after upgrade

2007-06-18 Thread keith001 
For what it's worth, I encountered the same problem after updating.

My sshd config used to read:
## commented out for password ssh: ChallengeResponseAuthentication no
PasswordAuthentication no
which I understand:
- don't not process passwords at sshd level
- yes to Challenge/Response (handled by pam if I remember correctly)

Adding:
ChallengeResponseAuthentication yes
made it work again.

Which would mean that:
- the default value to ChallengeResponseAuthentication switched from Y to N 
with this update;
- people who report being surprised of having PasswordAuthentication no in 
their config were
probably using challenge/response as I did.

I think I remember there was a reason for using challenge/response through pam 
instead 
of direct password.
I see some activity about that in the changelog (1:4.1p1-1 for instance, says:
Disable ChallengeResponseAuthentication in new installations, returning
 to PasswordAuthentication by default, since it now supports PAM and
 apparently works better with a non-threaded sshd (closes: #247521).)

Anybody knowledgeable has an opinion?

Thanks


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#428968: openssh-server: logging in using my shared keys no longer working after upgrade

2007-06-17 Thread Good Times 
Package: openssh-server
Version: 1:4.6p1-1
Followup-For: Bug #428968

After upgrading, I cannot log into my machine. 

 $ ssh zoe
 Permission denied (publickey).

i wanted to append this case to this bug because it seems like the two
things are related

i'm attaching a sshd -ddd and my ssh -vvv output


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.21-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssh-server depends on:
ii  adduser  3.102   Add and remove users and groups
ii  debconf  1.5.13  Debian configuration management sy
ii  dpkg 1.14.4  package maintenance system for Deb
ii  libc62.5-11  GNU C Library: Shared libraries
ii  libcomer 1.39+1.40-WIP-2007.04.07+dfsg-2 common error description library
ii  libkrb53 1.6.dfsg.1-4MIT Kerberos runtime libraries
ii  libpam-m 0.79-4  Pluggable Authentication Modules f
ii  libpam-r 0.79-4  Runtime support for the PAM librar
ii  libpam0g 0.79-4  Pluggable Authentication Modules l
ii  libselin 2.0.15-2SELinux shared libraries
ii  libssl0. 0.9.8e-5SSL shared libraries
ii  libwrap0 7.6.dbs-13  Wietse Venema's TCP wrappers libra
ii  lsb-base 3.1-23.1Linux Standard Base 3.1 init scrip
ii  openssh- 1:4.6p1-1   secure shell client, an rlogin/rsh
ii  zlib1g   1:1.2.3-15  compression library - runtime

openssh-server recommends no packages.

-- debconf information:
  ssh/new_config: true
* ssh/use_old_init_script: true
* ssh/disable_cr_auth: false
  ssh/encrypted_host_key_but_no_keygen:
OpenSSH_4.3p2 Debian-10, OpenSSL 0.9.8e 23 Feb 2007
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to zoe [192.168.1.16] port 22.
debug1: Connection established.
debug1: identity file /home/aaron/.ssh/identity type -1
debug3: Not a RSA1 key file /home/aaron/.ssh/id_rsa.
debug2: key_type_from_name: unknown key type '-BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-END'
debug3: key_read: missing keytype
debug1: identity file /home/aaron/.ssh/id_rsa type 1
debug3: Not a RSA1 key file /home/aaron/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-END'
debug3: key_read: missing keytype
debug1: identity file /home/aaron/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_4.6p1 
Debian-1
debug1: match: OpenSSH_4.6p1 Debian-1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-10
debug2: fd 3 setting O_NONBLOCK
debug1: Miscellaneous failure
No credentials cache found

debug1: Miscellaneous failure
No credentials cache found

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: 
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL
 PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,[EMAIL
 PROTECTED],aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL 
PROTECTED],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,[EMAIL 
PROTECTED],hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,[EMAIL PROTECTED],zlib
debug2: kex_parse_kexinit: