Date: Mon, 19 Jun 2000 02:38:07 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Alessandro de Manzano <demanzano@playstos.com> Cc: "stable@freebsd.org" <stable@freebsd.org> Subject: Re: SSH failed on 4.0-S Message-ID: <Pine.BSF.4.21.0006190230430.30155-100000@freefall.freebsd.org> In-Reply-To: <200006190857.KAA15589@rizla.energy.it>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 19 Jun 2000, Alessandro de Manzano wrote:
> I've installed a 4.0-R box from CD, then CVSUPped to 4.0-S last
> friday. All went ok, but now I'm configuring SSH (OpenSSH) and
> I've problems.
>
> After successufully generating an host key, I copied my "old" SSH user
> key into ~/.ssh/authorized_keys (as user) then from another box I did
> the usual "ssh -C gandalf" (gandalf is the new 4.0-S box name) but it
> got rejected by remote.
>
> in /var/log/messages on gandalf I found :
>
> Jun 19 10:48:27 gandalf sshd[438]: fatal: rsa_private_decrypt() failed
This means the key could not be processed for some reason. Are you certain
you are using an sshd from 4.0-STABLE? The most common cause of this error
under older versions was because the RSA key was > 1024 bits, and you're
using the RSAREF version of OpenSSL. Under -stable this error message
became more helpful and it now tells you specifically when this is the
problem.
Another problem which might (I'm not sure off the top of my head) give the
same symptons is if all of the necessary RSA and crypto libraries cannot
be found on the system - but again, that should be showing up as a helpful
message in the logs under -stable.
Try rebuilding sshd from sources which you know are from 4.0-STABLE and
run it in debug mode (-d) to make sure you're not missing any of the error
messages from it.
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006190230430.30155-100000>