SSH, ADSL SpeedStream 10.3.9

fdumptch

Hi all,
I'm having a few problems with SSH on my local network since upgrading to ADSL.
I'm using a SpeedStream 4200 and connecting via Ethernet.
I have the SpeedStream connected to a 5-port Ethernet switch and two Macs also connected to the switch.

Everything works fine - internet, mail, afp etc etc.... I'm just having problems with:
1. getting password-less SSH logins

2. SSH from G4 ---> G5 works quickly - just won't use my keys and always ends up requiring password. However, SSH from G5---> G4 is sooooooo slow - but exhibits exactly the same errors during the connection attempt.

I believe it has something to do with DNS lookup - because I couldn't get SSH to work at all prior to going into the ADSL modem set-up and putting in my ISP's primary and secondary DNS info within the DHCP page.

I've tried using GUI SSH assistant utilities (SSH Helper) to set up both computers and copy across keys.
I've tried Apple's solution for local DNS using a script that writes to /etc/resolve/local.1 here
And I've also tried manually generating SSH2 keys and cat-ing them to the authorized_keys2 file on each computer. Nothing seems to solve these issues.

I'm pretty clueless as to how DNS affects my local LAN and why I have NO problems with mounting file share volumes... both ways, either using direct IP address in format 10.x.x.x or using ComputerName.local with no problems - but SSH throws up all these Host Name errors. :confused:


Here's a copy of what happens when I try to SSH from G5---> G4

iMac-G5:~ dhinton$ ssh -v blgrace@G4.local
OpenSSH_3.6.1p1+CAN-2004-0175, SSH protocols 1.5/2.0, OpenSSL 0x0090702f
debug1: Reading configuration data /etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: Connecting to G4.local [fe80:4::203:93ff:fe81:c180] port 22.
debug1: Connection established.
debug1: identity file /Users/dhinton/.ssh/identity type -1
debug1: identity file /Users/dhinton/.ssh/id_rsa type -1
debug1: identity file /Users/dhinton/.ssh/id_dsa type 2
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.6.1p1+CAN-2004-0175
debug1: match: OpenSSH_3.6.1p1+CAN-2004-0175 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.6.1p1+CAN-2004-0175
debug1: An invalid name was supplied
Hostname cannot be canonicalized

debug1: An invalid name was supplied
A parameter was malformed
Validation error

debug1: An invalid name was supplied
Hostname cannot be canonicalized

debug1: An invalid name was supplied
A parameter was malformed
Validation error

debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'g4.local' is known and matches the RSA host key.
debug1: Found key in /Users/dhinton/.ssh/known_hosts:1
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: gssapi,publickey,password,keyboard-interactive
debug1: Next authentication method: gssapi
debug1: Server GSSAPI Error:
An invalid name was supplied
Hostname cannot be canonicalized


debug1: Authentications that can continue: gssapi,publickey,password,keyboard-interactive
debug1: Authentications that can continue: gssapi,publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /Users/dhinton/.ssh/identity
debug1: Trying private key: /Users/dhinton/.ssh/id_rsa
debug1: Offering public key: /Users/dhinton/.ssh/id_dsa
debug1: Authentications that can continue: gssapi,publickey,password,keyboard-interactive
debug1: Next authentication method: keyboard-interactive
debug1: Authentications that can continue: gssapi,publickey,password,keyboard-interactive
debug1: Next authentication method: password


Thanks for your time.
I've also posted on OSXHints.COM - sorry if that is annoying
 
Well, it claims to be trying .ssh/identity, .ssh/id_rsa, and .ssh/id_dsa. Where is your private key kept? Is it one of those?
 
yeah - keys are on the client in .ssh/id_rsa, and .ssh/id_dsa.
and I copied id_dsa into authorized_keys2 on the remote side
 
Did you add the hostname/IP in front of the key in the .authorized_keys2 file?

Are your internal IPs static or dynamic? Do you have the same speed issues when sshing with the direct IP? Do you have the same netmask on both as well?
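
An added example, not part of any post in this thread: when the debug output shows a public key being offered and the client then falling through to password, the usual things to check on the server are what is actually inside authorized_keys2 and who can write to it. The sketch below checks both. The function names and sample lines are constructed for illustration, and it assumes only the ssh-rsa and ssh-dss key types that correspond to the id_rsa and id_dsa files mentioned above.

```python
import base64, binascii, os, re, stat, struct

# Key types matching the id_rsa / id_dsa files named in the thread.
KEY_RE = re.compile(r"(?:^|\s)(ssh-rsa|ssh-dss)\s+([A-Za-z0-9+/=]+)")

def classify_line(line):
    """Return (status, detail) for one line of an authorized_keys file."""
    text = line.strip()
    if not text or text.startswith("#"):
        return ("skip", "blank or comment")
    if "PRIVATE KEY" in text:
        return ("error", "private key material; the server side needs the .pub contents")
    m = KEY_RE.search(text)
    if m is None:
        return ("error", "no '<type> <base64>' pair found")
    declared, b64 = m.groups()
    try:
        blob = base64.b64decode(b64, validate=True)
        (n,) = struct.unpack(">I", blob[:4])  # wire format: uint32 length, then type name
        embedded = blob[4:4 + n].decode("ascii")
    except (binascii.Error, struct.error, UnicodeDecodeError):
        return ("error", "key blob is not base64-encoded SSH wire format")
    if embedded != declared:
        return ("error", f"blob is {embedded!r} but line declares {declared!r}")
    options = text[:m.start()].strip() or None  # anything before the type, e.g. from="pattern"
    return ("ok", f"{declared} key, options={options}")

def loose_paths(paths):
    """Paths writable by group or others; sshd with StrictModes ignores such key files."""
    return [p for p in paths if os.stat(p).st_mode & (stat.S_IWGRP | stat.S_IWOTH)]

def fake_blob(key_type):
    """Constructed sample: type string plus filler bytes, not a usable key."""
    t = key_type.encode()
    return base64.b64encode(struct.pack(">I", len(t)) + t + b"\0" * 16).decode()

SAMPLE = [  # constructed lines, not taken from either machine in the thread
    f"ssh-dss {fake_blob('ssh-dss')} dhinton@iMac-G5",
    f'from="10.*" ssh-dss {fake_blob("ssh-dss")} dhinton@iMac-G5',
    "-----BEGIN DSA PRIVATE KEY-----",
    f"ssh-rsa {fake_blob('ssh-dss')} mismatch",
]

if __name__ == "__main__":
    for line in SAMPLE:
        print(classify_line(line))
    ssh_dir = os.path.expanduser("~/.ssh")
    targets = [os.path.expanduser("~"), ssh_dir, os.path.join(ssh_dir, "authorized_keys2")]
    print(loose_paths([p for p in targets if os.path.exists(p)]))
```

Run it on the machine being logged into, as the account being logged into; any path printed by the last line is one sshd may be refusing to trust.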
 