l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2001 Dec 30 17:02

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] ssh problem
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] ssh problem



On Fri, Mar 30, 2001 at 11:28:22AM -0800, Matt Roper wrote:
> On Fri, 30 Mar 2001, Micah Cowan wrote:
> 
> > On Thu, Mar 29, 2001 at 02:04:21PM -0800, Matt Roper wrote:
> > > The problem with using an alias like this is that it will keep you from
> > > connecting to sites that have only SSH1 servers (e.g. isun.ucdavis.edu).
> >
> > So in those cases, why not use:
> >
> > command ssh
> >
> > or \ssh
> >
> > ?
> 
> That will work, but what I meant is that an alias shouldn't be necessary
> at all; OpenSSH usually uses SSH2 protocol automatically if the server
> supports it and falls back to SSH1 only if necessary.  The only systems
> that I am aware of where this does not happen properly is on the CS
> department computers.  Something on those computers is setup strangely so
> that OpenSSH clients think they need to fall back to SSH1 mode unless
> forced to continue with the SSH2 protocol.
> 
> 
> > You could always set the source code to use -2 for the default.
> 
> I thought this was the way the source code came...I haven't made any
> changes of my own.

You're right - when you don't specify the option, it tries each one in
succession, starting with version 2.

What appears to be the problem, is that prior to starting
authentication, it queries the server for the version number.  The
regular (not Open-) SSH servers seem to call version 2 "1.99", which
confuses the ssh client and causes it to think that version 2 isn't
supported on the other end.  So it uses version 1.  Except that the
reality is that the other end supports version 2 (or 1.99) and /not/
version 1.

I wonder if that's fixed in a newer version of SSH(r) ?

Micah


LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.