Open GoogleCodeExporter opened 8 years ago
Can you either attach a log from OpenSSH doing "ssh -v" to the server in
question or
email it to me? You'll probably need to redact it, but I have no idea what kind
of
authentication mechanism it's trying to use if keyboard-interactive doesn't
work.
Original comment by kenny@the-b.org
on 8 Nov 2009 at 12:54
I've copied the log below. Thanks a lot for getting back to me so quickly!
xxx.org%> ssh -v xxxxx@yyyyyy.edu
OpenSSH_4.5p1, OpenSSL 0.9.8b 04 May 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to xxxxxx.edu [xxxxx] port 22.
debug1: Connection established.
debug1: identity file /homes/nber/xxxxx/.ssh/identity type -1
debug1: identity file /homes/nber/xxxxx/.ssh/id_rsa type -1
debug1: identity file /homes/nber/xxxxx/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3
debug1: match: OpenSSH_5.3 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'xxxxxxxx' is known and matches the RSA host key.
debug1: Found key in /homes/nber/xxxxxx/.ssh/known_hosts:14
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
Password:
Enter PASSCODE: [key fob code here]
debug1: Authentication succeeded (keyboard-interactive).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
debug1: Sending environment.
debug1: Sending env LANG = en_US.UTF-8
Last login: Fri Nov 6 11:12:07 2009 from dhcp-73-28.xxxxx.org
Original comment by ian.dewb...@gmail.com
on 8 Nov 2009 at 1:12
I'm having the same issue here. Attached is the sanitized output from a
successful
login from my Fedora 11 box to the remote system.
Original comment by BiloxiG...@gmail.com
on 11 Nov 2009 at 8:55
Attachments:
Hm, I tried this using a Yubikey and it worked fine. Maybe it has to do with
asking
for multiple pieces of information at once.
Original comment by kenny@the-b.org
on 25 Nov 2009 at 3:58
RSA is kindly shipping a SecurID eval kit to me. ETA 2 weeks.
Original comment by kenny@the-b.org
on 3 Dec 2009 at 11:07
my current solution is to simply use connectbot to log in to a machine that
doesn't
require using the key fob and then using ssh from that machine to the server
requiring the key fob.
Original comment by ian.dewb...@gmail.com
on 5 Dec 2009 at 9:10
RSA refused to ship an eval kit to me because this is an open source project
and not
commercial.
Could anyone try r451 and see if that helps?
Original comment by kr...@google.com
on 20 Dec 2009 at 9:21
Original issue reported on code.google.com by
ian.dewb...@gmail.com
on 8 Nov 2009 at 12:47