New subject: FIX: Re: SecureAdmin

12 Dec 2001


      Hi All,
Please use SecureAdmin 2.1.1D2. It's OK.
Hope this jelp.
neto
-----Original Message-----
From: Stout, Noelette [mailto:NStout@IKON.com]
Sent: Wednesday, December 12, 2001 12:23 PM
To: 'Hannes Herret'; Lance A. Brown
Cc: Kendall Libby; toasters@mathworks.com
Subject: RE: SecureAdmin
That's really interesting... I use OpenSSH 2.3.0p1 on Solaris and I have no
problem connecting to the filer (runnin 6.1.1R2) via SecureAdmin 2.1.1.
Noelette Stout
Unix System Administrator
IKON Office Solutions, Inc
Digital Express
tel. (770)326-4140
fax (770)326-4139
email: nstout@ikon.com
-----Original Message-----
From: Hannes Herret [mailto:hh@bacher.at]
Sent: Wednesday, December 12, 2001 5:28 AM
To: Lance A. Brown
Cc: Kendall Libby; toasters@mathworks.com
Subject: Re: SecureAdmin
hi,
i now had the same behaviour w/ 6.1.1R2P1 and secureadmin2.1.1 .
see the log from openssh-host -> connection closed without reason !!!
is there a debug of sshd available??
cu
hannes
=-> ssh -v -l root filer
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /usr/local/ssh/etc/ssh_config
debug1: Seeded RNG with 27 bytes from programs
debug1: Seeded RNG with 3 bytes from system calls
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to filer [10.1.1.11] port 22.
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /root/.ssh/identity type 0
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: Remote protocol version 1.5, remote software version 2.1.1
debug1: no match: 2.1.1
debug1: Local version string SSH-1.5-OpenSSH_2.9p1
debug1: Waiting for server public key.
debug1: Received server public key (512 bits) and host key (768 bits).
debug1: Host 'filer' is known and matches the RSA1 host key.
debug1: Found key in /root/.ssh/known_hosts:4
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing password authentication.
root@filer's password:
debug1: Requesting pty.
debug1: Requesting shell.
debug1: Entering interactive session.
Connection to filer closed.
debug1: Transferred: stdin 0, stdout 1, stderr 29 bytes in 0.5 seconds
debug1: Bytes per second: stdin 0.0, stdout 2.0, stderr 58.0
debug1: Exit status 0
debug1: writing PRNG seed to file /root/.ssh/prng_seed
root@dumbo : /root :>
 =->
"Lance A. Brown" wrote:
...
Greetings,
This is bug 42404, according to my interactions with NetApp support.
It is fixed in 6.1.1R1
--[Lance]
...
SecureAdmin 2.1.1
ONTAP 6.1R1
New system, just slapped SecureAdmin on it...  secure filer view works
happily, ssh has ... issues.
I can connect fine from a host running ssh v1.2.27, but connecting
from OpenSSH hosts seems to fail.  Said hosts are FreeBSD and Solaris
running 2.3.0 and 2.5.1_p1 respectively.  Initially, I thought it was
a protocol 2 issue, but that's not it.  Here's what happens:
SSH Version OpenSSH_2.3.0 green@FreeBSD.org 20010321, protocol
versions 1.5/2.0.
Compiled with SSL (0x0090600f).
debug: Reading configuration data /etc/ssh/ssh_config
debug: Applying options for *
debug: ssh_connect: getuid 0 geteuid 0 anon 0
debug: Connecting to (null) [xxx.xxx.xxx.xxx] port 22.
debug: Allocated local port 1022.
debug: Connection established.
debug: Remote protocol version 1.5, remote software version 2.1.1
debug: match: 2.1.1 pat ^2.
debug: Local version string SSH-1.5-OpenSSH_2.3.0 green@FreeBSD.org
20010321
debug: Waiting for server public key.
debug: Received server public key (512 bits) and host key (768 bits).
debug: Host 'xxx.xxx.xxx.xxx' is known and matches the RSA host key.
debug: Encryption type: 3des
debug: Sent encrypted session key.
debug: Installing crc compensation attack detector.
debug: Received encrypted confirmation.
debug: Doing password authentication.
root@xxx.xxx.xxx.xxx's password:
debug: Requesting pty.
debug: Requesting X11 forwarding with authentication spoofing.
Warning: Remote host denied X11 forwarding.
debug: Requesting authentication agent forwarding.
Warning: Remote host denied authentication agent forwarding.
debug: Requesting shell.
debug: Entering interactive session.
Connection to xxx.xxx.xxx.xxx closed.
debug: Transferred: stdin 0, stdout 1, stderr 36 bytes in 0.5 seconds
debug: Bytes per second: stdin 0.0, stdout 2.0, stderr 73.4
debug: Exit status 0
I can't imagine that everyone out there using ssh on the filer is also
still using the old ssh versions, so it's gotta be me.  Right?
K.
--
-------------------------------------------------------------------
Hannes Herret                                  IT-Service / Storage
phone : +43 (1) 60 126-34                   Bacher Systems EDV GmbH
fax   : +43 (1) 60 126-555                       Wienerbergstr. 11B
mailto:hh@bacher.at                            A-1101 Wien, Austria
www   : http://www.bacher.at/                                Europe