Skip Menu |

This queue is for tickets about the Net-OpenSSH CPAN distribution.

Report information
The Basics
Id: 51581
Status: resolved
Worked: 20 min
Priority: 0/
Queue: Net-OpenSSH
People
Owner: salva [...] cpan.org
Requestors: toddr [...] null.net
Cc:
AdminCc:
Bug Information
Severity: Important
Broken in: 0.40
Fixed in: (no value)
Attachments
Net-OpenSSH-0.41_01.tar.gz
suse.patch

History Show all quoted text
  Mon Nov 16 13:48:16 2009 toddr [...] null.net - Ticket created
Subject: password autentication broken connecting to suse servers
The recent flag to prefer authentications breaks password authentication to SuSE. The reason for this is that 'password' is not an authentication method in their list. The attached patch fixes this by also trying keyboard-interactive after password. All of my SuSE environments are straight out of the box installs without modification. $>ssh -v -o StrictHostKeyChecking=no -o NumberOfPasswordPrompts=1 -o PreferredAuthentications=password root@<target_ip> OpenSSH_5.2p1, OpenSSL 0.9.8k 25 Mar 2009 debug1: Reading configuration data /etc/ssh_config ... debug1: Connection established. ... debug1: Remote protocol version 2.0, remote software version OpenSSH_5.0 debug1: match: OpenSSH_5.0 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.2 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY ... debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,keyboard-interactive debug1: No more authentication methods to try. Permission denied (publickey,keyboard-interactive). $>
Subject: suse.patch
diff --git a/OpenSSH.pm b/OpenSSH.pm index e2da06c..efa49ee 100644 --- a/OpenSSH.pm +++ b/OpenSSH.pm @@ -441,7 +441,7 @@ sub _connect { _load_module('IO::Pty'); $self->{_mpty} = $mpty = IO::Pty->new; push @master_opts, (-o => 'NumberOfPasswordPrompts=1', - -o => 'PreferredAuthentications=password'); + -o => 'PreferredAuthentications=password,keyboard-interactive'); } my @call = $self->_make_call(\@master_opts);
  Mon Nov 16 16:56:42 2009 sfandino [...] yahoo.com - Correspondence added
Subject: Re: [rt.cpan.org #51581] password autentication broken connecting to suse servers
Date: Mon, 16 Nov 2009 13:56:23 -0800 (PST)
To: toddr [...] null.net, bug-Net-OpenSSH [...] rt.cpan.org
From: Salvador Fandino <sfandino [...] yahoo.com>
Thank you for the patch version 1.41_01 is now available from CPAN - Salva Show quoted text
----- Original Message ----
> From: "toddr@null.net via RT" <bug-Net-OpenSSH@rt.cpan.org> > Sent: Mon, November 16, 2009 7:48:17 PM > Subject: [rt.cpan.org #51581] password autentication broken connecting to suse servers > > Mon Nov 16 13:48:16 2009: Request 51581 was acted upon. > Transaction: Ticket created by toddr@null.net > Queue: Net-OpenSSH > Subject: password autentication broken connecting to suse servers > Broken in: 0.40 > Severity: Important > Owner: Nobody > Requestors: toddr@null.net > Status: new > Ticket > > > The recent flag to prefer authentications breaks password authentication to > SuSE. The reason > for this is that 'password' is not an authentication method in their list. The > attached patch > fixes this by also trying keyboard-interactive after password. All of my SuSE > environments > are straight out of the box installs without modification. > > $>ssh -v -o StrictHostKeyChecking=no -o NumberOfPasswordPrompts=1 -o > PreferredAuthentications=password root@ > > OpenSSH_5.2p1, OpenSSL 0.9.8k 25 Mar 2009 > debug1: Reading configuration data /etc/ssh_config > ... > debug1: Connection established. > ... > debug1: Remote protocol version 2.0, remote software version OpenSSH_5.0 > debug1: match: OpenSSH_5.0 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_5.2 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-ctr hmac-md5 none > debug1: kex: client->server aes128-ctr hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > ... > debug1: ssh_rsa_verify: signature correct > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: publickey,keyboard-interactive > debug1: No more authentication methods to try. > Permission denied (publickey,keyboard-interactive). > $>
Download Net-OpenSSH-0.41_01.tar.gz
application/x-gzip 31.5k

Message body not shown because it is not plain text.

  Mon Nov 16 16:56:43 2009 The RT System itself - Status changed from 'new' to 'open'
  Tue Nov 17 05:36:02 2009 salva [...] cpan.org - TimeWorked changed from (no value) to '20'
  Tue Nov 17 05:36:02 2009 salva [...] cpan.org - Status changed from 'open' to 'resolved'
  Tue Nov 17 05:36:04 2009 salva [...] cpan.org - Given to SALVA