Ok, I've been trying to get some version of ssh working on Red Hat 6.2 for
almost a week now. I can't remember ever having such a hard time with
something on Linux :-/.
This is my current setup:
I've downloaded the very latest src.rpms from an Openssh.com mirror, and
compiled them as i686 binaries, as shown here:
[root@garnet ssh]# ls /root/Dl/OpenSSH/Openssh.com/i686/
openssh-2.1.1p4-1.i686.rpm
openssh-clients-2.1.1p4-1.i686.rpm
openssl-devel-0.9.5a-1.i686.rpm
openssh-askpass-2.1.1p4-1.i686.rpm
openssh-server-2.1.1p4-1.i686.rpm
openssh-askpass-gnome-2.1.1p4-1.i686.rpm
openssl-0.9.5a-1.i686.rpm
All of these are installed EXCEPT openssl-devel-0.9.5a-1.i686.rpm (nothing
wanted it, and I didn't see anything that suggested I need it)
To make things a little clearer;
The box in question is named "garnet" with an IP of 192.168.0.80, running
Red Hat 6.2 Professional, trying to run OpenSSH. This is the one I'm trying
to get ssh working on.
The other local box is bismuth, IP 192.168.0.70, running SusE 6.4 with
SuSE's ssh rpm installed and working (NOT OpenSSH, just ssh).
It seems that the host keys were generated during the install - isn't that
right?
[root@garnet ssh]# ls /etc/ssh/
ssh_config
ssh_host_dsa_key
ssh_host_dsa_key.pub
ssh_host_key
ssh_host_key.pub
sshd_config
Now, I can ssh from garnet to bimuth no prob:
[root@garnet ssh]# su - jw
[jw@garnet jw]$ ssh bismuth
jw@bismuth's password:
Last login: Fri Sep 1 12:18:41 2000 from 192.168.0.80
Have a lot of fun...
You have new mail.
jw@bismuth:~ >
However I cannot from bimuth to garnet:
jw@bismuth:~ > ssh garnet
Connection closed by remote host.
jw@bismuth:~ > ssh 192.168.0.80
Connection closed by remote host.
jw@bismuth:~ >
I cannot ssh from garnet to garnet:
[jw@garnet jw]$ ssh garnet
Connection closed by 127.0.0.1
If I try:
[jw@garnet jw]$ ssh 192.168.0.80
it just sits there forever (up to 20 mintues for far ;-) and doesn't even
error.
Here's what /var/log/messages says while this is happening:
[root@garnet ssh]# tail -f /var/log/messages
Sep 1 11:28:25 garnet sshd2[658]: connection from "192.168.0.70"
Sep 1 11:28:25 garnet sshd2[5747]: FATAL ERROR: Executing ssh1 in
compatibility mode failed.
Sep 1 12:20:58 garnet sshd2[658]: connection from "192.168.0.70"
Sep 1 12:20:58 garnet sshd2[5822]: FATAL ERROR: Executing ssh1 in
compatibility mode failed.
Sep 1 12:21:06 garnet sshd2[658]: connection from "192.168.0.70"
Sep 1 12:21:06 garnet sshd2[5823]: FATAL ERROR: Executing ssh1 in
compatibility mode failed.
Sep 1 12:21:42 garnet sshd2[658]: connection from "127.0.0.1"
Sep 1 12:21:42 garnet sshd2[5825]: FATAL ERROR: Executing ssh1 in
compatibility mode failed.
Below is my conf files:
[root@garnet ssh]# cat /etc/ssh/sshd_config
# This is ssh server systemwide configuration file.
Port 22
#Protocol 2,1
ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding no
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging
RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
#SkeyAuthentication no
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
CheckMail no
UseLogin no
#Subsystem sftp /usr/local/sbin/sftpd
[root@garnet ssh]# cat /etc/ssh/ssh_config
# This is ssh client systemwide configuration file. This file provides
# defaults for users, and the values can be changed in per-user configuration
# files or on the command line.
# Configuration data is parsed as follows:
# 1. command line options
# 2. user-specific file
# 3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host *
# ForwardAgent yes
# ForwardX11 yes
# RhostsAuthentication yes
# RhostsRSAAuthentication yes
# RSAAuthentication yes
# PasswordAuthentication yes
# FallBackToRsh no
# UseRsh no
# BatchMode no
# CheckHostIP yes
# StrictHostKeyChecking no
# IdentityFile ~/.ssh/identity
# Port 22
# Protocol 2,1
# Cipher 3des
# EscapeChar ~
# Be paranoid by default
Host *
ForwardAgent no
ForwardX11 no
FallBackToRsh no
Any help would be greatly appreciated. I'm probably missing some terribly
simple thing :-\
JW
