
Date: Sun, 21 Mar 2004 18:38:13 +0900
From: "Tanaka" <gofrebelde@hotmail.com>
Subject: [ssh:00203] Re: Is the response to the challenge not being returned correctly in SSH1 RSA authentication?
To: <ssh@koka-in.org>
Message-Id: <BAY14-DAV6nkMk2grWs0000f677@hotmail.com>
References: <BAY14-DAV8N9KAy4MoS000007a9@hotmail.com><87d67lynie.wl%haruyama@queen-ml.org><BAY14-DAV2RTNO0txxL00004356@hotmail.com><873c8fmw31.wl%haruyama@queen-ml.org><BAY14-DAV8g9VoKjFxQ0001e2df@hotmail.com> <877jxllzyz.wl%haruyama@queen-ml.org>
X-Mail-Count: 00203

This is Tanaka.


Thinking the version might be the problem, I upgraded ssh on the server machine "tstest".
The ssh versions are as follows.
-----------------------------------------
openssh-askpass-gnome-3.7.1p2-1
openssh-askpass-3.7.1p2-1
openssh-clients-3.7.1p2-1
openssh-server-3.7.1p2-1
openssh-3.7.1p2-1
openssh-debuginfo-3.7.1p2-1

-----------------------------------------



>   In the earlier log you were not asked for this, so I thought you had
>   not set a passphrase, but here that does not seem to be the case.
>   What about this point?

I do have a passphrase set.

>
> Tanaka-san> debug1: Sending response to host key RSA challenge.
> Tanaka-san> debug1: Remote: RSA authentication accepted.
> Tanaka-san> debug1: RSA authentication accepted by server.
> Tanaka-san> debug1: Requesting pty.
> Tanaka-san> debug1: fd 3 setting TCP_NODELAY
> Tanaka-san> debug1: Requesting shell.
> Tanaka-san> debug1: Entering interactive session.
>
>   So you can log in.
>
>   You said earlier that you copied ~/.ssh/identity, but please
>   check whether it really is identical on the two hosts.

I wrote identity earlier, but that was a mistake; I meant identity.pub.
identity.pub was identical on the two hosts.


>   I think it is unlikely, but
>   the RSA or MD5 processing that OpenSSL performs may be
>   wrong on SVX=192.168.1.237.

In that case I will build yet another machine and try again.

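> ----------
>      -v      Verbose mode. Causes ssh to print debugging messages about
>              its progress. This is helpful in debugging connection,
>              authentication, and configuration problems. Multiple -v
>              options increase the verbosity. The maximum is 3.
> ----------
>   As this says,
>   with ssh, adding more v's increases the messages that are output.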


The ssh -vvv log is as follows.
$ssh -1 -l tgm -vvv tstest
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090609f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug3: cipher ok: aes128-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: 3des-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: blowfish-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: cast128-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: arcfour [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes192-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: cipher ok: aes256-cbc [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug3: ciphers ok: [aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc]
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 500 geteuid 0 anon 1
debug1: Connecting to tstest [192.168.1.55] port 22.
debug1: temporarily_use_uid: 500/501 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 500/501 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: identity file /home/ora8/.ssh/identity type 0
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.7.1p2
debug1: match: OpenSSH_3.7.1p2 pat OpenSSH*
debug1: Local version string SSH-1.5-OpenSSH_3.1p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug3: check_host_in_hostfile: filename /home/ora8/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'tstest' is known and matches the RSA1 host key.
debug1: Found key in /home/ora8/.ssh/known_hosts:1
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: cipher_init: set keylen (16 -> 32)
debug1: cipher_init: set keylen (16 -> 32)
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying RSA authentication with key '/home/ora8/.ssh/identity'
debug1: Received RSA challenge from server.
debug1: Remote: Wrong response to RSA authentication challenge.
Permission denied.
debug1: Calling cleanup 0x8062f60(0x0)


The sshd -ddd log is as follows.
$/usr/sbin/sshd -ddd
debug2: read_server_config: filename /etc/ssh/sshd_config
debug1: sshd version OpenSSH_3.7.1p2
debug1: private host key: #0 type 0 RSA1
debug3: Not a RSA1 key file /etc/ssh/ssh_host_rsa_key.
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug3: Not a RSA1 key file /etc/ssh/ssh_host_dsa_key.
debug1: read PEM private key done: type DSA
debug1: private host key: #2 type 2 DSA
socket: Address family not supported by protocol
debug1: Bind to port 22 on 0.0.0.0.
Server listening on 0.0.0.0 port 22.
Generating 768 bit RSA key.
RSA key generation complete.
debug1: Server will not fork when running in debugging mode.
Connection from 192.168.1.237 port 1067
debug1: Client protocol version 1.5; client software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH_2.*,OpenSSH_3.0*,OpenSSH_3.1*
debug1: Local version string SSH-1.99-OpenSSH_3.7.1p2
debug3: privsep user:group 74:74
debug1: permanently_set_uid: 74/74
debug1: Sent 768 bit server key and 1024 bit host key.
debug2: Network child is on pid 8980
debug3: preauth child monitor started
debug3: mm_request_receive entering
debug1: Encryption type: 3des
debug3: mm_request_send entering: type 28
debug3: mm_request_receive_expect entering: type 29
debug3: mm_request_receive entering
debug3: monitor_read: checking request 28
debug3: mm_request_send entering: type 29
debug2: monitor_read: 28 used once, disabling now
debug3: mm_request_receive entering
debug3: mm_ssh1_session_id entering
debug3: mm_request_send entering: type 30
debug2: cipher_init: set keylen (16 -> 32)
debug2: cipher_init: set keylen (16 -> 32)
debug1: Received session key; encryption turned on.
debug3: monitor_read: checking request 30
debug3: mm_answer_sessid entering
debug2: monitor_read: 30 used once, disabling now
debug3: mm_request_receive entering
debug1: Installing crc compensation attack detector.
debug3: mm_getpwnamallow entering
debug3: mm_request_send entering: type 6
debug3: mm_getpwnamallow: waiting for MONITOR_ANS_PWNAM
debug3: mm_request_receive_expect entering: type 7
debug3: mm_request_receive entering
debug3: monitor_read: checking request 6
debug3: mm_answer_pwnamallow
debug3: mm_answer_pwnamallow: sending MONITOR_ANS_PWNAM: 1
debug3: mm_request_send entering: type 7
debug2: monitor_read: 6 used once, disabling now
debug3: mm_request_receive entering
debug1: Attempting authentication for tgm.
debug3: mm_auth_password entering
debug3: mm_request_send entering: type 10
debug3: mm_auth_password: waiting for MONITOR_ANS_AUTHPASSWORD
debug3: mm_request_receive_expect entering: type 11
debug3: mm_request_receive entering
debug3: monitor_read: checking request 10
debug3: mm_answer_authpassword: sending result 0
debug3: mm_request_send entering: type 11
Failed none for tgm from 192.168.1.237 port 1067
debug3: mm_request_receive entering
debug3: mm_auth_password: user not authenticated
debug3: mm_auth_rsa_key_allowed entering
debug3: mm_request_send entering: type 31
debug3: mm_request_receive_expect entering: type 32
debug3: mm_request_receive entering
debug3: monitor_read: checking request 31
debug3: mm_answer_rsa_keyallowed entering
debug1: temporarily_use_uid: 500/500 (e=0/0)
debug1: trying public RSA key file /home/tgm/.ssh/authorized_keys
debug3: secure_filename: checking '/home/tgm/.ssh'
debug3: secure_filename: checking '/home/tgm'
debug3: secure_filename: terminating check at '/home/tgm'
debug1: restore_uid: 0/0
debug3: mm_request_send entering: type 32
debug3: mm_request_receive entering
debug3: mm_auth_rsa_generate_challenge entering
debug3: mm_request_send entering: type 33
debug3: mm_request_receive_expect entering: type 34
debug3: mm_request_receive entering
debug3: monitor_read: checking request 33
debug3: mm_answer_rsa_challenge entering
debug3: mm_answer_rsa_challenge sending reply
debug3: mm_request_send entering: type 34
debug2: monitor_read: 33 used once, disabling now
debug3: mm_request_receive entering
debug3: mm_auth_rsa_verify_response entering
debug3: mm_request_send entering: type 35
debug3: mm_request_receive_expect entering: type 36
debug3: mm_request_receive entering
debug3: monitor_read: checking request 35
debug3: mm_answer_rsa_response entering
debug3: mm_request_send entering: type 36
debug2: monitor_read: 35 used once, disabling now
Failed rsa for tgm from 192.168.1.237 port 1067
debug3: mm_request_receive entering
Wrong response to RSA authentication challenge.
Failed rsa for tgm from 192.168.1.237 port 1067
Connection closed by 192.168.1.237
debug1: Calling cleanup 0x8071b80(0x0)


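Is configuring ssh really this difficult?
I have looked at several sites and tried imitating them, but nothing works at all,
so I am thinking that maybe I should read an ssh reference book, build up my
knowledge, and then try again.


If you notice anything, I would appreciate your help.
Sorry to bother you so many times.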
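
Added example, not part of the original message and not OpenSSH's code: a Python sketch of the SSH1 RSA challenge/response check behind the "Wrong response to RSA authentication challenge." line in the logs above, showing that the server compares an MD5 over the decrypted challenge and the session id, so a private key that does not match the offered modulus, or a differing session id, both end in that same message. Assumptions: toy keys built from Mersenne primes, textbook RSA without the PKCS#1 padding the real protocol uses, and hypothetical function names.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by the constructed demo keys

def toy_key(p, q):
    """Return (n, d) for a constructed RSA key built from two known primes."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed keys from Mersenne primes: fine for a demo, useless as real keys.
USER_N, USER_D = toy_key(2**127 - 1, 2**521 - 1)   # key listed in authorized_keys
_, OTHER_D = toy_key(2**89 - 1, 2**607 - 1)        # private half of another key

def server_make_challenge(n):
    """Server: pick a 256-bit challenge and encrypt it to the user's public key."""
    challenge = secrets.randbits(256)
    # Simplification (assumption): textbook RSA, no PKCS#1 v1.5 padding.
    return challenge, pow(challenge, E, n)

def expected_response(challenge, session_id):
    """MD5 over the 32-byte challenge followed by the 16-byte session id."""
    return hashlib.md5(challenge.to_bytes(32, "big") + session_id).digest()

def client_respond(encrypted, n, d, session_id):
    """Client: decrypt with the private exponent, then hash with the session id."""
    # Demo only: fold to 32 bytes so a wrong key still produces some response.
    challenge = pow(encrypted, d, n) % 2**256
    return expected_response(challenge, session_id)

def server_verify(challenge, session_id, response):
    """Server: constant-time compare against its own MD5 of the challenge."""
    good = expected_response(challenge, session_id)
    if secrets.compare_digest(good, response):
        return "RSA authentication accepted."
    return "Wrong response to RSA authentication challenge."

def run(d, client_session_id=None):
    """One exchange; the client may be given a differing session id."""
    session_id = secrets.token_bytes(16)  # both sides derive this in key exchange
    challenge, encrypted = server_make_challenge(USER_N)
    response = client_respond(encrypted, USER_N, d, client_session_id or session_id)
    return server_verify(challenge, session_id, response)

if __name__ == "__main__":
    print(run(USER_D))                 # matching private key
    print(run(OTHER_D))                # private key of a different pair
    print(run(USER_D, b"\0" * 16))     # right key, differing session id
```

The server never sees the client's private key or the decrypted challenge, only the 16-byte digest, which is why its log cannot say which input to the hash differed.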