Hi, ssh-vulnkey still detects your key as 'compromised' :/
# ssh-vulnkey ~jboffel/.ssh/authorized_keys COMPROMISED: 1024 d4:82:cf:bc:24:b8:1e:e8:9d:07:65:b4:f3:4d:89:dd [EMAIL PROTECTED] -- Sylvain On Fri, Jun 27, 2008 at 03:12:11PM +0200, jboffel wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all, > > I just got a problem with my account as I tried to use my CVS access > to upload my project. > > I followed the FAQ about the public key and the basic CVS command to > upload my project but I got a : Permission denied (publikey) > > I'm not behind a proxy or a firewall and I checked my public key on > savannah and the format looks great. On the FAQ the worst case is > supposed to be 1 hour before we can use our public key to log on. I > waited more of course but I'm still stuck. > > Can you help me on that ? > > Here my public key (on one line on savannah of course) : > > sh-dss > AAAAB3NzaC1kc3MAAACBALM5IvZo7Q7fRTD97S5tvtBhH9jLzUUwGNhLD64UaqmR4KmwroaCc9DWofDr31ipqEVAKo2/waucuR6oVRq7Qz7ZW0htAkM78seiFFDfCOsxbB1rlU9D/msDROyyCAl9Ol9PZ18G2Dw2CQqLToxqdxq2ZW4Ur7qQ7RtCRNytTEJlAAAAFQCtV4HM6T2zzu6c/c+XglLJ827IHQAAAIEAnobkwkUtmA59TBmgnifXmlrINyCapkrpDgwWFj0tlST3+aZ0pYysRApEf8tmPYJpFidPi/XJZdMv4ftdLRQU63mAw54+PiZ6ae2BP898X97R1ZRzFWWSDzpWFR7QtaGtw/LaxtiG6JU4wAafJw7ow6oL/8OQzUL9HRS2sslYKUcAAACAElm1qk0LiTmpGnX6SwlCLw3ashVYEo9o6jsH4HkQjs273i9wQ3Y75UVUSDu8o65+RE4UXeGhu2J7uU1TEiY3PJl6MoOG8cxyWG2IZEDLbebWMxcGKKZcKa1U3T7tWyKUX2OmxqGSYGWBkG/M0K0WPJ55+4c9x4XxtD0Lx9Ie3mI= > [EMAIL PROTECTED] > > In a first e-mail I sent to Sylvain Beucler, I had another public key > generated with a weak version of openssl from debian which I update to a > safer one. So now that pass the dowkd.pl test thanks to Sylvain. > > Here the debug ask in the FAQ in case of problem : > > ssh -v [EMAIL PROTECTED] -i /home/user/.ssh/id_dsa_savannah > OpenSSH_4.3p2 Debian-9, OpenSSL 0.9.8c 05 Sep 2006 > debug1: Reading configuration data /etc/ssh/ssh_config > debug1: Applying options for * > debug1: Connecting to cvs.sv.gnu.org [199.232.41.69] port 22. > debug1: Connection established. > debug1: identity file /home/user/.ssh/id_dsa_savannah type 2 > debug1: Remote protocol version 2.0, remote software version > OpenSSH_4.3p2 Debian-9etch2 > debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9 > debug1: Miscellaneous failure > No credentials cache found > > debug1: Miscellaneous failure > No credentials cache found > > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex: server->client aes128-cbc hmac-md5 none > debug1: kex: client->server aes128-cbc hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug1: Host 'cvs.sv.gnu.org' is known and matches the RSA host key. > debug1: Found key in /home/user/.ssh/known_hosts:9 > debug1: ssh_rsa_verify: signature correct > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug1: Authentications that can continue: publickey > debug1: Next authentication method: publickey > debug1: Offering public key: /home/user/.ssh/id_dsa_savannah > debug1: Authentications that can continue: publickey > debug1: No more authentication methods to try. > Permission denied (publickey). > > Thanks ! > > Jeannie > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.6 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org > > iD8DBQFIZOcrIrTgmwVLaT4RAtLLAKDzreJPS7zsvWgJ343yXxRPEPckGgCgyBif > yo1qH9YILCFB3BGmipuSwHw= > =a3ca > -----END PGP SIGNATURE-----
