Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Secure-Shell
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: connection with RSA and DSA

from [Kamchybek Jusupov] Network Security [Permanent Link]
Subject: Re: connection with RSA and DSA
Date: Wed, 11 Oct 2006 09:49:34 +0800 
Hi mansour77@yahoo.com,

Why do you create both RSA and DSA keys?

I would suggest trying the same steps with _only_ one type, say
"ssh-keygen -t dsa" on both servers, and cat over into authorized_keys.

Basically, my understanding of your log is:

1. Client is trying to authenticate with rsa key, but somehow it's not
there (on local box).

2. Client send dsa key, but remote box cannot recognize/ understand (it
expects rsa according to entry in it's authorized_keys) so the
last option is used as to prompt for a password.


I might be wrong, please correct me.


On Mon, 09 Oct 2006 23:35:55 -0300 / mansour77@yahoo.com wrote:
With a subject: connection with RSA and DSA


hello Admins:

I am having an issue connecting to a remote PC in the same lan usign
ssh with RSA or DSA.
the connection I am trying to establish is between two servers: ploto 
and neptune.
ploto is running Fedora 4 and neptune is Fedora 3.  I generated the
RSA and the DSA keys on both of them,
and copied the key the correct way. ( keys generated on ploto are
cat id_dsa.pub >>  ./ssh/authorized_keys on neptune).
The same way done on neptune and copied to ploto. Now theoretically
both systems are opened for each others.
That's not the case with me, I can connect from "ploto to ploto" with
no any problems. and I can connect "from neptune to ploto".
However I can not connect to neptune at all. I copied the
configuration files from ploto to neptune, and stil the same thing. I
am always prometed with the password. Any Help will be highly
appreciated. Here is the out put I have:

OpenSSH_4.2p1, OpenSSL 0.9.7f 22 Mar 2005
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to neptune [192.168.1.101] port 22.
debug1: Connection established.
debug1: identity file /home/mansour/.ssh/identity type -1
debug1: identity file /home/mansour/.ssh/id_rsa type -1
debug3: Not a RSA1 key file /home/mansour/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'Proc-Type:'
debug3: key_read: missing keytype
debug2: key_type_from_name: unknown key type 'DEK-Info:'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/mansour/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version
OpenSSH_3.9p1 debug1: match: OpenSSH_3.9p1 pat OpenSSH_3.*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.2
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: 
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: 
diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: 
hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit: none,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-md5
debug1: kex: server->client aes128-cbc hmac-md5 none
debug2: mac_init: found hmac-md5
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 125/256
debug2: bits set: 486/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile:
filename /home/mansour/.ssh/known_hosts debug3:
check_host_in_hostfile: match line 1 debug3: check_host_in_hostfile:
filename /home/mansour/.ssh/known_hosts debug3:
check_host_in_hostfile: match line 1 debug1: Host 'neptune' is known
and matches the RSA host key. debug1: Found key
in /home/mansour/.ssh/known_hosts:1 debug2: bits set: 494/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/mansour/.ssh/identity ((nil))
debug2: key: /home/mansour/.ssh/id_rsa ((nil))
debug2: key: /home/mansour/.ssh/id_dsa (0x5555556b0780)
debug1: Authentications that can continue: 
publickey,gssapi-with-mic,password
debug3: start over, passed a different list 
publickey,gssapi-with-mic,password
debug3: preferred
gssapi-with-mic,publickey,keyboard-interactive,password debug3:
authmethod_lookup gssapi-with-mic debug3: remaining preferred:
publickey,keyboard-interactive,password debug3: authmethod_is_enabled
gssapi-with-mic debug1: Next authentication method: gssapi-with-mic
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: 
publickey,gssapi-with-mic,password
debug2: we sent a gssapi-with-mic packet, wait for reply
debug1: Authentications that can continue: 
publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup publickey
debug3: remaining preferred: keyboard-interactive,password
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/mansour/.ssh/identity
debug3: no such identity: /home/mansour/.ssh/identity
debug1: Trying private key: /home/mansour/.ssh/id_rsa
debug3: no such identity: /home/mansour/.ssh/id_rsa
debug1: Offering public key: /home/mansour/.ssh/id_dsa
debug3: send_pubkey_test
debug2: we sent a publickey packet, wait for reply
debug1: Authentications that can continue: 
publickey,gssapi-with-mic,password
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
mansour@neptune's password:








-- 
Rgds,
Kamchybek Jusupov

Attitude is no substitude for competence...
GPG Key: C565 2827 0858 ECFE 74D7  A556 7B09 59DA B6C8 FF8C
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: connection with RSA and DSA, Brad Lhotsky
Next by Date:  Re: connection with RSA and DSA, mansour77
Previous by Thread:  Re: connection with RSA and DSA, mansour77
Next by Thread:  Re: connection with RSA and DSA, mansour77
Indexes:  [Date] [Thread] [Top] [All Lists]