Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sources DOT redhat DOT com Delivered-To: mailing list cygwin AT sources DOT redhat DOT com Reply-To: From: "Bob Leurck" To: Subject: re:sshd password authentication failure on windows 2000 advanced server + lots of debug info Date: Fri, 15 Jun 2001 07:34:21 -0500 Message-ID: <000701c0f597$81639db0$04fea8c0@rjl> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400 Importance: Normal I am including detailed logs one of a successful logon and one unsuccessful. Username and i.p. addresses have been altered. $ ssh -v -v -v validusername AT valid_ip DOT 61 OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f debug1: Reading configuration data /etc/ssh_config debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will debug1: restore_uid debug1: ssh_connect: getuid 1001 geteuid 1001 anon 1 debug1: Connecting to valid_ip.61 [valid_ip.61] port 22. debug1: temporarily_use_uid: 1001/513 (e=1001) debug1: restore_uid debug1: temporarily_use_uid: 1001/513 (e=1001) debug1: restore_uid debug1: Connection established. debug1: read PEM private key done: type DSA debug1: read PEM private key done: type RSA debug1: identity file /.ssh/identity type -1 debug1: identity file /.ssh/id_rsa type -1 debug1: identity file /.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version debug1: match: OpenSSH_2.9p1 pat ^OpenSSH Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_2.9p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1, up1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1, up1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: dh_gen_key: priv key bits set: 124/256 debug1: bits set: 1036/2049 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /.ssh/known_hosts2 debug3: check_host_in_hostfile: match line 3 debug1: Host 'valid_ip.61' is known and matches the RSA host debug1: Found key in /.ssh/known_hosts2:3 debug1: bits set: 1022/2049 debug1: ssh_rsa_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: service_accept: ssh-userauth debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,password, ve debug3: start over, passed a different list publickey,password ive debug3: preferred publickey,password,keyboard-interactive debug3: authmethod_lookup publickey debug3: remaining preferred: password,keyboard-interactive debug3: authmethod_is_enabled publickey debug1: next auth method to try is publickey debug1: try privkey: /.ssh/identity debug3: no such identity: /.ssh/identity debug1: try privkey: /.ssh/id_rsa debug3: no such identity: /.ssh/id_rsa debug1: try privkey: /.ssh/id_dsa debug3: no such identity: /.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: keyboard-interactive debug3: authmethod_is_enabled password debug1: next auth method to try is password validusername AT valid_ip DOT 61's password: debug2: packet_inject_ignore: current 53 debug2: packet_inject_ignore: block 16 have 4 nb 4 mini 1 need debug2: we sent a password packet, wait for reply debug1: authentications that can continue: publickey,password, ve Permission denied, please try again. validusername AT valid_ip DOT 61's password: rleurck AT RJL ~ $ ssh -v -v -v validusername AT valid_dot DOT com OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f debug1: Reading configuration data /etc/ssh_config debug1: Seeding random number generator debug1: Rhosts Authentication disabled, originating port will debug1: restore_uid debug1: ssh_connect: getuid 1001 geteuid 1001 anon 1 debug1: Connecting to valid_dot.com [valid_ip.62] port debug1: temporarily_use_uid: 1001/513 (e=1001) debug1: restore_uid debug1: temporarily_use_uid: 1001/513 (e=1001) debug1: restore_uid debug1: Connection established. debug1: read PEM private key done: type DSA debug1: read PEM private key done: type RSA debug1: identity file /.ssh/identity type -1 debug1: identity file /.ssh/id_rsa type -1 debug1: identity file /.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version debug1: match: OpenSSH_2.9p1 pat ^OpenSSH Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_2.9p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1, up1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: none debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1, up1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,ca aes192-cbc,aes256-cbc,rijndael128-cbc,rijndael192-cbc,rijndael bc AT lysator DOT liu DOT se debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,h ssh.com,hmac-sha1-96,hmac-md5-96 debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: none,zlib debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: debug2: kex_parse_kexinit: first_kex_follows 0 debug2: kex_parse_kexinit: reserved 0 debug2: mac_init: found hmac-md5 debug1: kex: server->client aes128-cbc hmac-md5 none debug2: mac_init: found hmac-md5 debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: dh_gen_key: priv key bits set: 122/256 debug1: bits set: 1032/2049 debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug3: check_host_in_hostfile: filename /.ssh/known_hosts2 debug3: check_host_in_hostfile: match line 2 debug3: check_host_in_hostfile: filename /.ssh/known_hosts2 debug3: check_host_in_hostfile: match line 2 debug1: Host 'valid_dot.com' is known and matches the RS debug1: Found key in /.ssh/known_hosts2:2 debug1: bits set: 1038/2049 debug1: ssh_rsa_verify: signature correct debug1: kex_derive_keys debug1: newkeys: mode 1 debug1: SSH2_MSG_NEWKEYS sent debug1: waiting for SSH2_MSG_NEWKEYS debug1: newkeys: mode 0 debug1: SSH2_MSG_NEWKEYS received debug1: done: ssh_kex2. debug1: send SSH2_MSG_SERVICE_REQUEST debug1: service_accept: ssh-userauth debug1: got SSH2_MSG_SERVICE_ACCEPT debug1: authentications that can continue: publickey,password, ve debug3: start over, passed a different list publickey,password ive debug3: preferred publickey,password,keyboard-interactive debug3: authmethod_lookup publickey debug3: remaining preferred: password,keyboard-interactive debug3: authmethod_is_enabled publickey debug1: next auth method to try is publickey debug1: try privkey: /.ssh/identity debug3: no such identity: /.ssh/identity debug1: try privkey: /.ssh/id_rsa debug3: no such identity: /.ssh/id_rsa debug1: try privkey: /.ssh/id_dsa debug3: no such identity: /.ssh/id_dsa debug2: we did not send a packet, disable method debug3: authmethod_lookup password debug3: remaining preferred: keyboard-interactive debug3: authmethod_is_enabled password debug1: next auth method to try is password validusername AT valid_dot DOT com's password: debug2: packet_inject_ignore: current 53 debug2: packet_inject_ignore: block 16 have 4 nb 4 mini 1 need debug2: we sent a password packet, wait for reply debug1: ssh-userauth2 successful: method password debug3: clear hostkey 0 debug3: clear hostkey 1 debug3: clear hostkey 2 debug1: channel 0: new [client-session] debug1: channel_new: 0 debug1: send channel open 0 debug1: Entering interactive session. debug2: callback start debug1: client_init id 0 arg 0 debug2: tty_make_modes: ospeed 38400 debug2: tty_make_modes: ispeed 38400 debug2: tty_make_modes: 1 3 debug2: tty_make_modes: 2 28 debug2: tty_make_modes: 3 8 debug2: tty_make_modes: 4 21 debug2: tty_make_modes: 5 4 debug2: tty_make_modes: 6 0 debug2: tty_make_modes: 7 0 debug2: tty_make_modes: 8 17 debug2: tty_make_modes: 9 19 debug2: tty_make_modes: 10 26 debug2: tty_make_modes: 12 18 debug2: tty_make_modes: 13 23 debug2: tty_make_modes: 14 22 debug2: tty_make_modes: 18 15 debug2: tty_make_modes: 30 0 debug2: tty_make_modes: 31 0 debug2: tty_make_modes: 32 0 debug2: tty_make_modes: 33 0 debug2: tty_make_modes: 34 0 debug2: tty_make_modes: 35 0 debug2: tty_make_modes: 36 1 debug2: tty_make_modes: 37 0 debug2: tty_make_modes: 38 1 debug2: tty_make_modes: 39 0 debug2: tty_make_modes: 40 0 debug2: tty_make_modes: 41 0 debug2: tty_make_modes: 50 1 debug2: tty_make_modes: 51 1 debug2: tty_make_modes: 53 1 debug2: tty_make_modes: 54 0 debug2: tty_make_modes: 55 0 debug2: tty_make_modes: 56 0 debug2: tty_make_modes: 57 0 debug2: tty_make_modes: 58 0 debug2: tty_make_modes: 59 1 debug2: tty_make_modes: 60 0 debug2: tty_make_modes: 61 0 debug2: tty_make_modes: 70 1 debug2: tty_make_modes: 71 0 debug2: tty_make_modes: 72 1 debug2: tty_make_modes: 73 0 debug2: tty_make_modes: 74 0 debug2: tty_make_modes: 75 0 debug2: tty_make_modes: 90 1 debug2: tty_make_modes: 91 1 debug2: tty_make_modes: 92 0 debug2: tty_make_modes: 93 0 debug1: channel request 0: shell debug2: callback done debug1: channel 0: open confirm rwindow 0 rmax 16384 debug2: channel 0: rcvd adjust 32768 lastlog_perform_login: Couldn't stat /var/log/lastlog: No such lastlog_openseek: /var/log/lastlog is not a file or directory! lastlog_perform_login: Couldn't stat /var/log/lastlog: No such lastlog_openseek: /var/log/lastlog is not a file or directory! Environment: NUMBER_OF_PROCESSORS=2 PROMPT=$P$G PWD=/usr/sbin LOGONSERVER=\\validusernameWEB OS2LIBPATH=C:\WINNT\system32\os2\dll; COMSPEC=C:\WINNT\system32\cmd.exe !C:=C:\cygwin\bin SYSTEMDRIVE=C: HOSTNAME=validusernameWEB INCLUDE=C:\Program Files\Mts\Include PROCESSOR_REVISION=0801 PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH COMPUTERNAME=validusernameWEB WINDIR=C:\WINNT USERPROFILE=C:\WINNT\Profiles\validusername PS1=\[\033]0;\w\007 \033[32m\]\u@\h \[\033[33m\w\033[0m\] $ USER=validusername MACHTYPE=i686-pc-cygwin PROCESSOR_IDENTIFIER=x86 Family 6 Model 8 Stepping 1, Genuin OS=Windows_NT OLDPWD=/home/validusername PROCESSOR_ARCHITECTURE=x86 TEMP=/cygdrive/c/TEMP PROCESSOR_LEVEL=6 SYSTEMROOT=C:\WINNT HOMEDRIVE=C: LIB=C:\Program Files\Mts\Lib SHLVL=1 MAKE_MODE=unix HOMEPATH=\ USERDOMAIN=validusernameWEB USERNAME=validusername SHELL=/bin/bash HOSTTYPE=i686 OSTYPE=cygwin TERM=cygwin HOME=/home/validusername PATH=/usr/local/bin:/usr/bin:/bin:/cygdrive/c/WINNT/system32 :/cygdrive/c/Program Files/Mts:/cygdrive/c/MSSQL7/BINN _=./sshd LOGNAME=validusername MAIL=/var/spool/mail/validusername SSH_CLIENT=valid_clientIP.95 20100 22 SSH_TTY=/dev/tty0 validusername AT validusernameWEB ~ $ Bob Leurck (847) 803-6820 rleurck AT ifserv DOT com http://www.quotepartner.com http://www.2myagent.com -- Want to unsubscribe from this list? Check out: http://cygwin.com/ml/#unsubscribe-simple