On Tuesdayen den 17 October 2006 09:19, you wrote: > On Tue, 17 Oct 2006, Per-Olov SjC6holm wrote: > > On Tuesday 17 October 2006 01:07, you wrote: > > > After I upgraded to 3.9 stable from Oct 10 SSH key login no longer > > > work. > > > > > > All my servers stopped working with SSH key logins with the result that > > > all my rsync automated backups gave up. This happened after my last > > > upgrade October 10, where I did a full source update of my 3.9 stable. > > > I could however still login with any account where I use passwords. > > > Both source and target SSH was OpenBSD and 3.9 from October 10. And as > > > said it happened on six server at the same time. The only thing that > > > could have caused this is that this update contained the new OpenSSH > > > 4.4. > > > > > > I think the thread " > > > Cannot login into OpenSSH after applying patch 020_ssh2.patch to > > > OpenBSD 3.8 stable" is not the same problem. Or is it? Well... the fix > > > for that thread problem was "cd /usr/src/usr.bin/ssh && make obj depend > > > && make && make install". And that does not help here.... Apart from > > > that, the result is EXACTLY the same as the referenced thread. > > > > > > Login with keys from a patched 3.9 system to a non patched system (ssh > > > 4.4 against 4.3) still works... > > > > > > Any clues? > > > > > > Thanks in advance > > > Per-Olov > > > > Will add some output of a verbose login as well..... > > (name and IP changed) > > > > This worked on all six servers before the 3.9 STABLE update that changed > > OpenSSH to 4.4. And after the stable update all key logins are broken and > > only password login works. > > It could be you forgat the make depend. > To rule out bad dependencies. run make cleandir first and then try again. > > -Otto
What should I clean when I totaly wiped out /usr/src and /usr/obj before the cvs update. The build is done as follows... --snip-- cd /usr export CVSROOT="[EMAIL PROTECTED]:/cvs" cvs -z5 -q get -rOPENBSD_3_9 -P src cd /usr/src/sys/arch/i386/conf config GENERIC cd ../compile/GENERIC make clean && make depend && make mv /bsd /bsd.old cp bsd / reboot cd /usr/src rm -r /usr/obj/* make obj && make build reboot --snip-- Am I missing something? If so. What? The above has worked every time on every release for many years.... Regards and thanks in advance /Per-Olov > > > [EMAIL PROTECTED]:~#ssh -v [EMAIL PROTECTED] > > > > OpenSSH_4.4, OpenSSL 0.9.7g 11 Apr 2005 > > debug1: Reading configuration data /etc/ssh/ssh_config > > debug1: Connecting to MYSERVER.MYDOMAIN.COM [1.1.1.1] port 22. > > debug1: Connection established. > > debug1: permanently_set_uid: 0/0 > > debug1: identity file /root/.ssh/identity type -1 > > debug1: identity file /root/.ssh/id_rsa type -1 > > debug1: identity file /root/.ssh/id_dsa type 2 > > debug1: Remote protocol version 1.99, remote software version OpenSSH_4.4 > > debug1: match: OpenSSH_4.4 pat OpenSSH* > > debug1: Enabling compatibility mode for protocol 2.0 > > debug1: Local version string SSH-2.0-OpenSSH_4.4 > > debug1: SSH2_MSG_KEXINIT sent > > debug1: SSH2_MSG_KEXINIT received > > debug1: kex: server->client aes128-cbc hmac-md5 none > > debug1: kex: client->server aes128-cbc hmac-md5 none > > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > > debug1: Host 'MYSERVER.MYDOMAIN.COM' is known and matches the RSA host > > key. debug1: Found key in /root/.ssh/known_hosts:3 > > debug1: ssh_rsa_verify: signature correct > > debug1: SSH2_MSG_NEWKEYS sent > > debug1: expecting SSH2_MSG_NEWKEYS > > debug1: SSH2_MSG_NEWKEYS received > > debug1: SSH2_MSG_SERVICE_REQUEST sent > > debug1: SSH2_MSG_SERVICE_ACCEPT received > > debug1: Authentications that can continue: > > publickey,password,keyboard-interactive > > debug1: Next authentication method: publickey > > debug1: Trying private key: /root/.ssh/identity > > debug1: Trying private key: /root/.ssh/id_rsa > > debug1: Offering public key: /root/.ssh/id_dsa > > debug1: Server accepts key: pkalg ssh-dss blen 1585 > > debug1: read PEM private key done: type DSA > > debug1: Authentications that can continue: > > publickey,password,keyboard-interactive > > debug1: Next authentication method: keyboard-interactive > > Connection closed by 1.1.1.1 > > > > > > /Per-Olov
