[Bug 3406] RSA key authentication doesn't work with enabled GSSAPIKeyExchange: sign_and_send_pubkey: internal error: initial hostkey not recorded
https://bugzilla.mindrot.org/show_bug.cgi?id=3406 Damien Miller changed: What|Removed |Added Status|RESOLVED|CLOSED --- Comment #7 from Damien Miller --- Closing bugs from openssh-9.1 release cycle -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3406] RSA key authentication doesn't work with enabled GSSAPIKeyExchange: sign_and_send_pubkey: internal error: initial hostkey not recorded
https://bugzilla.mindrot.org/show_bug.cgi?id=3406 Damien Miller changed: What|Removed |Added Resolution|--- |WORKSFORME Status|NEW |RESOLVED --- Comment #6 from Damien Miller --- problem not in OpenSSH code but in a third-party patch -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3406] RSA key authentication doesn't work with enabled GSSAPIKeyExchange: sign_and_send_pubkey: internal error: initial hostkey not recorded
https://bugzilla.mindrot.org/show_bug.cgi?id=3406 --- Comment #5 from Damien Miller --- Comment on attachment 3583 --> https://bugzilla.mindrot.org/attachment.cgi?id=3583 ssh_client_debug3_log_key_auth_failed.txt thanks - yes, this is the 3rd-party gssapi-kex modification causing this. It needs a tweak like the one I described above -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3406] RSA key authentication doesn't work with enabled GSSAPIKeyExchange: sign_and_send_pubkey: internal error: initial hostkey not recorded
https://bugzilla.mindrot.org/show_bug.cgi?id=3406 --- Comment #4 from qji --- Created attachment 3583 --> https://bugzilla.mindrot.org/attachment.cgi?id=3583=edit ssh_client_debug3_log_key_auth_failed.txt And here is the client log (ssh -vvv) for the same event (but a different session) -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3406] RSA key authentication doesn't work with enabled GSSAPIKeyExchange: sign_and_send_pubkey: internal error: initial hostkey not recorded
https://bugzilla.mindrot.org/show_bug.cgi?id=3406 --- Comment #3 from qji --- Created attachment 3582 --> https://bugzilla.mindrot.org/attachment.cgi?id=3582=edit sshd_debug3_log_key_auth_failed.txt Here is a sshd debug3 log showing the output the same time I ran the "ssh localadmin@myserver" command on my client. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3406] RSA key authentication doesn't work with enabled GSSAPIKeyExchange: sign_and_send_pubkey: internal error: initial hostkey not recorded
https://bugzilla.mindrot.org/show_bug.cgi?id=3406 --- Comment #2 from Damien Miller --- specifically, the gssapi-kex patch probably needs something like: > if (ssh->kex->initial_hostkey == NULL) > hostbound = 0; added after the first "if" statement near the start of sshconnect2.c:sign_and_send_pubkey() -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs
[Bug 3406] RSA key authentication doesn't work with enabled GSSAPIKeyExchange: sign_and_send_pubkey: internal error: initial hostkey not recorded
https://bugzilla.mindrot.org/show_bug.cgi?id=3406 Damien Miller changed: What|Removed |Added CC||d...@mindrot.org --- Comment #1 from Damien Miller --- Please attach a full debug trace from the server. It's hard to tell what has gone wrong from just the error message. Also: > GSSAPIKeyExchange yes This is a third-party patch to OpenSSH. It's fairly likely that this is causing the problem. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug. ___ openssh-bugs mailing list openssh-bugs@mindrot.org https://lists.mindrot.org/mailman/listinfo/openssh-bugs