Date: Wed, 28 Nov 2001 17:15:22 +0300
From: Odhiambo Washington <wash@wananchi.com>
To: freebsd-questions@freebsd.org
Cc: juha.o.ylitalo@nokia.com
Subject: Re: ssh agent forwarding with FreeBSD and Linux...
Message-ID: <20011128171522.E14252@ns2.wananchi.com>
In-Reply-To: <20011128143703.D1623@jylitwork.lnx.nokia.com>
References: <20011128143703.D1623@jylitwork.lnx.nokia.com>

* Ylitalo Juha . O <juha.o.ylitalo@nokia.com> [20011128 15:36]: wrote:
> I think I have found funny problem, but I don't know where I should
> report about it or if someone would have solution for it. To summarize
> it, ssh authentication agent forwarding doesn't seem to work in ssh
> protocol 2
>
> To give you complete picture about situation, we probably should start
> with more detailed information about environment. It consists one
> RedHat Linux 7.1 (openssh 2.9p2) and FreeBSD 4.4-RELEASE (openssh
> 2.3.0).
>
> In RH box, I've started my session with "exec ssh-agent
> gnome-session", I've then added my sshv1 and sshv2 identities into
> agent.
>
> [jylitalo@jylitwork jylitalo]$ ssh-add -l
> 1024 84:c6:5d:ab:21:62:32:84:5d:cd:fd:f9:2b:f3:40:6f jylitalo@jylitpc.ntc.nokia.com (RSA1)
> 1024 0d:38:19:99:b6:9a:8e:29:db:5c:5f:0e:df:a3:7c:94 dsa w/o comment (DSA)
> [jylitalo@jylitwork jylitalo]$
>
> I have first identity in FreeBSD machines ~/.ssh/authorized_keys and
> second one in authorized_keys2 file and I don't have any problems at
> doing ssh commands from RH box to FreeBSD.
>
> Things start going wrong, if I first open session with
> "ssh -A FreeBSD" and then try to give "ssh-add -l".
> bash-2.05$ ssh-add -l
> Could not open a connection to your authentication agent.
> bash-2.05$
> Also I don't seem to have SSH_AUTH_SOCK defined in my environment.
>
> Work-around to this situation is to use "ssh -1 -A FreeBSD" command
> for that session, because then "ssh-add -l" will work correctly and I
> have SSH_AUTH_SOCK is defined. If someone has found same situation and
> found way to fix it (other than editing /etc/ssh/ssh_config in RH
> box), I would love to hear about it.

I have no problem at all ssh-ing from FreeBSD to Linux (Redhead 6.2):

ns2 is FreeBSD and "3" (aka ns1) is Redhead Linux
(3 is an alias to ssh -l root -c blowfish ns1)

wash@ns2 ('tty') ~/.ssh 35 -> 3 -v
OpenSSH_2.9 FreeBSD localisations 20010713, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 3497 geteuid 3497 anon 1
debug1: Connecting to ns1.wananchi.com [62.8.64.3] port 22.
debug1: temporarily_use_uid: 3497/0 (e=3497)
debug1: restore_uid
debug1: temporarily_use_uid: 3497/0 (e=3497)
debug1: restore_uid
debug1: Connection established.
debug1: identity file /home/wash/.ssh/identity type 0
debug1: identity file /home/wash/.ssh/id_rsa type -1
debug1: identity file /home/wash/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p2
debug1: match: OpenSSH_2.5.1p2 pat ^OpenSSH_2\.5\.[012]
debug1: Local version string SSH-1.5-OpenSSH_2.9 FreeBSD localisations 20010713
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'ns1.wananchi.com' is known and matches the RSA1 host key.
debug1: Found key in /home/wash/.ssh/known_hosts:6
debug1: Encryption type: blowfish
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying RSA authentication with key 'wash@ns2.wananchi.com'
debug1: Received RSA challenge from server.
debug1: Sending response to host key RSA challenge.
debug1: Remote: RSA authentication accepted.
debug1: RSA authentication accepted by server.
debug1: Requesting pty.
debug1: Requesting shell.
debug1: Entering interactive session.
Last login: Tue Nov 27 17:35:25 2001 from ns2.wananchi.com
[root@ns1 /root]#

-Wash
S y s t e m s A d m i n.

--
Odhiambo Washington  <wash@wananchi.com>    "The box said 'Requires
Wananchi Online Ltd.  www.wananchi.com       Windows 95, NT, or better,'
Tel: 254 2 313985-9   Fax: 254 2 313922      so I installed FreeBSD."
GSM: 254 72 743 223   GSM: 254 733 744 121   This sig is McQ!  :-)

++
Overflow on /dev/null, please empty the bit bucket.
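
Added example (not part of the original message and not code from either poster): two shell helpers for triaging a report like the one quoted above. `summarize_ssh_debug` reads `ssh -v` output and reports which protocol the client negotiated, taken from the "Local version string" line, and `agent_state` classifies what a remote shell can see of the agent from `SSH_AUTH_SOCK` and the `ssh-add -l` exit status. The function names, the second (constructed) sample and the "Requesting authentication agent forwarding" debug wording (as printed by current OpenSSH clients) are assumptions, not taken from the thread.

```shell
#!/bin/sh
# Added example; function names are hypothetical, not from the thread.

# Summarise `ssh -v` client output read on stdin.
summarize_ssh_debug() {
    awk '
        /^debug1: Remote protocol version / { remote = $5; sub(/,$/, "", remote) }
        /^debug1: Local version string SSH-/ {
            # "SSH-1.5-..." means protocol 1 was chosen, "SSH-2.0-..." protocol 2.
            split($5, parts, "-"); major = parts[2]; sub(/\..*/, "", major)
        }
        # Assumption: wording used by current OpenSSH clients when -A is in effect.
        /^debug1: Requesting authentication agent forwarding/ { fwd = 1 }
        END {
            printf "proto=%s remote=%s agent_fwd=%s\n",
                (major == "" ? "unknown" : major),
                (remote == "" ? "unknown" : remote),
                (fwd ? "requested" : "not-requested")
        }'
}

# Run on the remote host: classify what the login shell can see of the agent.
agent_state() {
    if [ -z "${SSH_AUTH_SOCK:-}" ]; then echo "no-socket-var"; return 0; fi
    if [ ! -S "$SSH_AUTH_SOCK" ]; then echo "stale-socket-path"; return 0; fi
    rc=0
    ssh-add -l >/dev/null 2>&1 || rc=$?
    case $rc in
        0) echo "ok" ;;                 # agent reachable, identities listed
        1) echo "agent-empty" ;;        # agent reachable, no identities
        *) echo "agent-unreachable" ;;  # 2: ssh-add could not contact the agent
    esac
}

# Two lines copied from the verbose log in the reply above.
log_from_reply='debug1: Remote protocol version 1.99, remote software version OpenSSH_2.5.1p2
debug1: Local version string SSH-1.5-OpenSSH_2.9 FreeBSD localisations 20010713'
# Constructed protocol 2 sample with -A (version strings are placeholders).
log_constructed='debug1: Remote protocol version 1.99, remote software version OpenSSH_X
debug1: Local version string SSH-2.0-OpenSSH_X
debug1: Requesting authentication agent forwarding.'

printf '%s\n' "$log_from_reply" | summarize_ssh_debug
printf '%s\n' "$log_constructed" | summarize_ssh_debug
agent_state
```

For the two lines taken from the reply's log the summary is `proto=1 remote=1.99 agent_fwd=not-requested`: the server offered both protocols (1.99) and that session ran over protocol 1.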