i am working with folks to resolve an issue on a server that has been recently upgraded to OpenSolaris 2008.11 from OpenSolaris b98. the cygwin client was able to use OpenSSH_5.1 to connect to the OpenSolaris b98 server without problem. i have not seen anything in the archives that jumps out at me. i have used pkg verify to validate that SUNWopenssl, SUNWssh, SUNWsshcu, and SUNWsshd are installed correctly, the keys are present in /etc/ssh. if i use an OpenSolaris 2008.11 or Solaris10U4 client ssh connection there is no problem. the Win XP client is up to date on patches.
thoughts or suggestions are welcome, wanted to see if other have seen a similar issue or can point me in the right direction. the example output when running the sshd in debug mode on the server follows: OpenSolaris sshd ---------------- javasig1 at jupiter:~# /usr/lib/ssh/sshd -d debug1: sshd version Sun_SSH_1.2 debug1: read PEM private key done: type RSA debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: private host key: #1 type 2 DSA debug1: Bind to port 22 on ::. Server listening on :: port 22. [FG: server now waits for my client........] debug1: Server will not fork when running in debugging mode. Connection from 68.45.21.44 port 4518 debug1: Client protocol version 2.0; client software version OpenSSH_5.1 debug1: match: OpenSSH_5.1 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-Sun_SSH_1.2 monitor debug1: list_hostkey_types: ssh-rsa,ssh-dss monitor debug1: reading the context from the child debug1: use_engine is 'yes' debug1: pkcs11 engine initialized, now setting it as default for RSA, DSA, and symmetric ciphers debug1: pkcs11 engine initialization complete debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client->server aes128-cbc hmac-md5 none debug1: kex: server->client aes128-cbc hmac-md5 none debug1: Peer sent proposed langtags, ctos: debug1: Peer sent proposed langtags, stoc: debug1: We proposed langtags, ctos: ar-SA,cs-CZ,de,de-AT,de-CH,de-DE,de-LU,en-AU,en-CA,en-GB,en-IE,en-MT,en-NZ,en-US,es,es-AR,es-BO,es-CL,es-CO,es-CR,es-EC,es-ES,es-GT,es-MX,es-NI,es-PA,es-PE,es-PY,es-SV,es-UY,es-VE,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,he-IL,hu-HU,id-ID,it,it-IT,ja-JP,ko,ko-KR,pt-BR,ru,ru-RU,sk-SK,sv,sv-SE,zh,zh-CN,zh-HK,i-default,zh-TW debug1: We proposed langtags, stoc: ar-SA,cs-CZ,de,de-AT,de-CH,de-DE,de-LU,en-AU,en-CA,en-GB,en-IE,en-MT,en-NZ,en-US,es,es-AR,es-BO,es-CL,es-CO,es-CR,es-EC,es-ES,es-GT,es-MX,es-NI,es-PA,es-PE,es-PY,es-SV,es-UY,es-VE,fr,fr-BE,fr-CA,fr-CH,fr-FR,fr-LU,he-IL,hu-HU,id-ID,it,it-IT,ja-JP,ko,ko-KR,pt-BR,ru,ru-RU,sk-SK,sv,sv-SE,zh,zh-CN,zh-HK,i-default,zh-TW [FG: server now just sits there...] WinXP cygwin ssh [ssh -v -l javasig1 jupiter.javasig.com] --------------------------------------------------------- [fgreco at zztop(1)] $ ssh -v -l javasig1 jupiter.javasig.com OpenSSH_5.1p1, OpenSSL 0.9.8i 15 Sep 2008 debug1: Connecting to jupiter.javasig.com [198.138.68.91] port 22. debug1: Connection established. debug1: identity file /home/Frank Greco/.ssh/identity type 0 debug1: identity file /home/Frank Greco/.ssh/id_rsa type 1 debug1: identity file /home/Frank Greco/.ssh/id_dsa type 2 debug1: Remote protocol version 2.0, remote software version Sun_SSH_1.2 debug1: no match: Sun_SSH_1.2 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1 debug1: SSH2_MSG_KEXINIT sent [FG: client just hangs at this point.............] Read from socket failed: Connection reset by peer -- Michael F. Biniasz Sun Microsystems, Inc. 101 Park Avenue New York, NY 10178 877-420-9997 work 631-987-7995 cell *********************************************************************** NOTICE: This email message is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. ***********************************************************************
