Ok, I've been trying to get some version of ssh working on Red Hat 6.2 for almost a week now. I can't remember ever having such a hard time with something on Linux :-/.
This is my current setup:
I've downloaded the very latest src.rpms from an Openssh.com mirror, and compiled them as i686 binaries, as shown here:
[root garnet ssh]# ls /root/Dl/OpenSSH/Openssh.com/i686/ openssh-2.1.1p4-1.i686.rpm openssh-clients-2.1.1p4-1.i686.rpm openssl-devel-0.9.5a-1.i686.rpm openssh-askpass-2.1.1p4-1.i686.rpm openssh-server-2.1.1p4-1.i686.rpm openssh-askpass-gnome-2.1.1p4-1.i686.rpm openssl-0.9.5a-1.i686.rpm
All of these are installed EXCEPT openssl-devel-0.9.5a-1.i686.rpm (nothing wanted it, and I didn't see anything that suggested I need it)
To make things a little clearer;
The box in question is named "garnet" with an IP of 192.168.0.80, running Red Hat 6.2 Professional, trying to run OpenSSH. This is the one I'm trying to get ssh working on.
The other local box is bismuth, IP 192.168.0.70, running SusE 6.4 with SuSE's ssh rpm installed and working (NOT OpenSSH, just ssh).
It seems that the host keys were generated during the install - isn't that right?
[root garnet ssh]# ls /etc/ssh/ ssh_config ssh_host_dsa_key ssh_host_dsa_key.pub ssh_host_key ssh_host_key.pub sshd_config
Now, I can ssh from garnet to bimuth no prob:
[root garnet ssh]# su - jw [jw garnet jw]$ ssh bismuth jw bismuth's password: Last login: Fri Sep 1 12:18:41 2000 from 192.168.0.80 Have a lot of fun... You have new mail. jw bismuth:~ >
However I cannot from bimuth to garnet:
jw bismuth:~ > ssh garnet Connection closed by remote host. jw bismuth:~ > ssh 192.168.0.80 Connection closed by remote host. jw bismuth:~ >
I cannot ssh from garnet to garnet:
[jw garnet jw]$ ssh garnet Connection closed by 127.0.0.1
If I try:
[jw garnet jw]$ ssh 192.168.0.80
it just sits there forever (up to 20 mintues for far ;-) and doesn't even error.
Here's what /var/log/messages says while this is happening:
[root garnet ssh]# tail -f /var/log/messages
Sep 1 11:28:25 garnet sshd2[658]: connection from "192.168.0.70"
Sep 1 11:28:25 garnet sshd2[5747]: FATAL ERROR: Executing ssh1 in compatibility mode failed.
Sep 1 12:20:58 garnet sshd2[658]: connection from "192.168.0.70"
Sep 1 12:20:58 garnet sshd2[5822]: FATAL ERROR: Executing ssh1 in compatibility mode failed.
Sep 1 12:21:06 garnet sshd2[658]: connection from "192.168.0.70"
Sep 1 12:21:06 garnet sshd2[5823]: FATAL ERROR: Executing ssh1 in compatibility mode failed.
Sep 1 12:21:42 garnet sshd2[658]: connection from "127.0.0.1"
Sep 1 12:21:42 garnet sshd2[5825]: FATAL ERROR: Executing ssh1 in compatibility mode failed.
Below is my conf files:
[root garnet ssh]# cat /etc/ssh/sshd_config # This is ssh server systemwide configuration file.
Port 22 #Protocol 2,1 ListenAddress 0.0.0.0 #ListenAddress :: HostKey /etc/ssh/ssh_host_key ServerKeyBits 768 LoginGraceTime 600 KeyRegenerationInterval 3600 PermitRootLogin yes # # Don't read ~/.rhosts and ~/.shosts files IgnoreRhosts yes # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes StrictModes yes X11Forwarding no X11DisplayOffset 10 PrintMotd yes KeepAlive yes
# Logging SyslogFacility AUTH LogLevel INFO #obsoletes QuietMode and FascistLogging
RhostsAuthentication no # # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here! PasswordAuthentication yes PermitEmptyPasswords no # Uncomment to disable s/key passwords #SkeyAuthentication no
# To change Kerberos options #KerberosAuthentication no #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes
CheckMail no UseLogin no
#Subsystem sftp /usr/local/sbin/sftpd
[root garnet ssh]# cat /etc/ssh/ssh_config # This is ssh client systemwide configuration file. This file provides # defaults for users, and the values can be changed in per-user configuration # files or on the command line.
# Configuration data is parsed as follows: # 1. command line options # 2. user-specific file # 3. system-wide file # Any configuration value is only changed the first time it is set. # Thus, host-specific definitions should be at the beginning of the # configuration file, and defaults at the end.
# Site-wide defaults for various options
# Host * # ForwardAgent yes # ForwardX11 yes # RhostsAuthentication yes # RhostsRSAAuthentication yes # RSAAuthentication yes # PasswordAuthentication yes # FallBackToRsh no # UseRsh no # BatchMode no # CheckHostIP yes # StrictHostKeyChecking no # IdentityFile ~/.ssh/identity # Port 22 # Protocol 2,1 # Cipher 3des # EscapeChar ~
# Be paranoid by default Host * ForwardAgent no ForwardX11 no FallBackToRsh no
Any help would be greatly appreciated. I'm probably missing some terribly simple thing :-\
JW