[SunHELP] SSH Incompatibility ??

Dave Lewis dlewis at dsl-co.com
Tue Jul 29 14:17:42 CDT 2003 

Hey,

I've got a rather odd issue that I'm hoping you have seen before and you 
can straighten out..

I have a solaris 2.6 box running OpenSSH_3.6.1p1, SSH protocols 1.5/2.0, 
OpenSSL 0x0090702f
(openssl 0.9.7b) and I'm trying to connect to an existing solaris box 
running SSH-1.4-1.2.14
using ssh1..

I'll work no problem for a while and then my users will start getting

Warning: Server lies about size of server public key: actual size is 1151 
bits vs. announced 1152.
Warning: This may be due to an old implementation of ssh.
respond_to_rsa_challenge: server_key 1151 < host_key 1024 + 
SSH_KEY_BITS_RESERVED 128

And it stops working..


Unfortunately I have no control over the other box so I can't make any 
changes to it but I can do
whatever I want on the one running openssh/openssl.  Is there anyway I can 
stop this from
happening and can anyone explain why this keeps happening ?
I fixed it once by deleting my host keys and recreating them.. but I don't 
see how that could
fix it so maybe it was just a fluke..

below is a -v connection so you can see what's happening..

server1% ssh -v dlewis at server2
OpenSSH_3.6.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: Connecting to server2 [10.10.10.10] port 22.
debug1: Connection established.
debug1: identity file /opt/home/reach/.ssh/identity type -1
debug1: identity file /opt/home/reach/.ssh/id_rsa type -1
debug1: identity file /opt/home/reach/.ssh/id_dsa type -1
debug1: Remote protocol version 1.4, remote software version 1.2.14
debug1: match: 1.2.14 pat 1.2.1*,1.2.2*,1.2.3*
debug1: Enabling compatibility mode for protocol 1.3
debug1: Local version string SSH-1.3-OpenSSH_3.6.1p1
debug1: Waiting for server public key.
Warning: Server lies about size of server public key: actual size is
1151 bits vs. announced 1152.
Warning: This may be due to an old implementation of ssh.
debug1: Received server public key (1151 bits) and host key (1024 bits).
debug1: Host 'server2' is known and matches the RSA1 host key.
debug1: Found key in /opt/home/reach/.ssh/known_hosts:1
respond_to_rsa_challenge: server_key 1151 < host_key 1024 +
SSH_KEY_BITS_RESERVED 128
debug1: Calling cleanup 0x2cae4(0x0)
server1%


Thanks in advance for any help you can provide.

Dave

More information about the SunHELP mailing list