SSH issues on 10.1

theed

Registered
My install has shown a couple of signs of being flaky on this box, so I just want to know if this affects anyone else...

I can't ssh out. It gives me some whacked out crazy crap about version mismatch. I need tu update ssh on my server anyway, I'll probably fix it by hand, but Just wanted to know.
 
Use "slogin" it works for me.

Also, is it just me or does Terminal take like 15 seconds to load. My gosh, its a terminal window for pete's sake.

Admin
 
[chimera:~] theed% slogin theed@liquidbinary.com
OpenSSL version mismatch. Built against 90581f, you have 90602f
[chimera:~] theed%

same error I get with ssh. guess it's just me then. Thanks. ...
now I feel all alone. :-(
 
Did you install a non-Apple build of ssh at some time? If so, could you be running that one instead, as I would hope Apple would install the right OpenSSL with the right OpenSSH?
 
Hi,

Originally posted by Admin
Use "slogin" it works for me.

have a closer look at slogin.

ls -al on /usr/bin gives me:
<pre>
lrwxr-xr-x 1 root wheel 3 Sep 25 12:20 /usr/bin/slogin -> ssh
</pre>

So, slogin is nothing, but a link to ssh. I can't make a difference wether you use slogin or ssh.
It would be inetersting to which version of ssh you are using on your boxes.

<pre>
[localhost:~] thomas% ssh -V
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
</pre>

This is what i get. If the versions differ you can try to connect via

</pre>
/usr/bin/ssh -1
</pre>
or
</pre>
/usr/bin/ssh -2
</pre>

I installed the 2.9p2 from source in 10.0.4. I'm not sure which version 10.1 is installing.

HTH

cu:Stray
 
OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f

that's what Apple seems to be using these days. I'm rebuilding my machine around a new clean install. SSH is functional again. Trying to upgrade from my old system didn't work. I don't think I had another ssh installed. Who knows.
 
is this <b>Built against 90581f</b>

the 0.96b version is apparently what apple has installed.

<e>in this case the b does not stand for beta
</e>

OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f

from a 10.1 update clean install on a new partition.

also, the ssh_config in /etc is different.
 
I'm also getting an error when trying to SSH after installing the 10.1 update. It reads:

OpenSSL version mismatch. Built against 90581f, you have 90602f

Not sure what to do to fix it. Yes, I installed a version different than what Apple had because on X's first iteration, there was no ssh support and I needed it. Anybody have an idea as to what I should do to fix it besides installing fresh? (I can't really afford to do that.)

Thanks,
Ali
 
After quite a bit of searching, i found the answer on Apple's own discussion boards--not a bad resource! Somebody had already figured out what was going on. He wrote:

"Following up:

My problem was caused by having two different ssh versions installed simultaneously... one in /usr/local/bin [where the Stepwise package installed it] and one in /usr/bin [the newer Apple-supplied ssh].

"which ssh" found the _older_ version because /usr/local/bin was searched before /usr/bin owing to the "path" variable in my .cshrc file.

Removing the outdated /usr/local/bin/ssh* files (and /usr/local/bin/slogin too, I guess) fixed the problem. "

As an addendum, if you had been using scp, you should also delete that in /usr/local/bin/ since it's also in /usr/bin/ and the older one breaks once you remove ssh.

Cheers,
Ali
 
Originally posted by avalenz


"Following up:

My problem was caused by having two different ssh versions installed simultaneously... one in /usr/local/bin [where the Stepwise package installed it] and one in /usr/bin [the newer Apple-supplied ssh].

"which ssh" found the _older_ version because /usr/local/bin was searched before /usr/bin owing to the "path" variable in my .cshrc file.

Removing the outdated /usr/local/bin/ssh* files (and /usr/local/bin/slogin too, I guess) fixed the problem. "

As an addendum, if you had been using scp, you should also delete that in /usr/local/bin/ since it's also in /usr/bin/ and the older one breaks once you remove ssh.

Cheers,
Ali


a good reason to get familiar with <b>cli tools</b> like "which"....

"locate" is pretty good too...
There is a GUI version of locate called Xlocate which you can find on Versiontracker.
<hr><b>
you should always run these tools when you do some non-standard install else your "new feature" will turn into "new nightmares"</b>
 
hindsight is 20/20

It's easy to talk about answers to the problem when answers have been found. I didn't recall installing ssh, so it wasn't a possibility I was looking into. ... and there were a handful of other quirks on my system that I just didn't feel like leaving quirky, so I just reinstalled. Now I just have to reinstate my .tcshrc stuff and I should be back to normal.

Thanks for playing along everyone.
 
I removed the older ssh files in /usr/local/bin but it still does not work.

"which ssh" gives "/usr/bin/ssh"

and

"ssh" still gives "OpenSSL version mismatch. Built against 90581f, you have 90602f"
 
FredrikI, did you install OpenSSL separately?

Do a 'which openssl'. You may have installed OpenSSL prior to the 10.1 upgrade. I don't have my OSX system handy, so I can't confirm where Apple installs OpenSSL, but if you get two paths back, that might be your problem. Either delete the older one (0.9.6b is the latest) or change your PATH so that the latest comes up first.
 
This is the openssl I have:

[qwe:~] fredrik% openssl version
OpenSSL 0.9.6b 9 Jul 2001

and this is the location of openssl

[qwe:~] fredrik% which openssl
/usr/bin/openssl

but I still get

[qwe:~] fredrik% ssh
OpenSSL version mismatch. Built against 90581f, you have 90602f

Is it possible to reinstall the files which are required for SSH? (I'm a UNIX-newbie)
 
FredrickI,
You should have 0x0090602f. Is it possible your version of ssh is the one from before 10.1? Do a 'which ssh' and then a 'ssh -V'. There should only be one ssh (usr/bin/ssh) and the version should be 2.9p2 built with the version of OpenSSL listed above. My suspicion is that you are calling an older version of OpenSSH when you invoke ssh.

Actually, I've just reread all the posts below and someone has already told you to do this. There aren't any libraries that go along with OpenSSH and the config file would have nothing to do with this. Did you delete *all* the ssh related files from /usr/local/bin? BTW, did you clean out the old versions of scp and sshd? Maybe delete ~/.ssh/.prng_seed.

Also, remove any /usr/local/* from your PATH and then open a new terminal and then try it. Something is obviously lingering around from the previous install.
 
Ok, so I have SSH installed with my standard 10.1 package on my PB G3 (Pismo) and G4 tower (digital audio). I was able to successfully log in to the G4 from the PB using SSH, but I got a message telling me something about registering with RSA or something (sorry, I don't have the machines handy).

Anyhow, from what I understand about the public key encryption scheme, I need to register or create my public key via a 3rd party, correct? but in all the web searching I've done regarding SSH (I also want to use it with my Linux web server), I can't find a link to the specifics of registering the key.

Plus, should each machine have it's own key pair, as well as me personally?

Thanks!
 
If the error you see is something to the effect of,


The authenticity of host 'somehost (so.m.e.ip)' can't be established.
RSA key fingerprint is ab:cd:ef:01:23:45:67:89:ab:cd:ef:01:23:45:67:89.
Are you sure you want to continue connecting (yes/no)?


then it is merely warning you it doesn't have the host key of the machine to which you are connecting. ssh stores host keys in ~/.ssh/known_hosts and ~/.ssh/known_hosts2 so it can be sure that when it connects to 'somehost' it can be sure that it is really 'somehost'. This leads to the problem that the first time you connect to a machine, you probably don't yet have the host key, hence this message. If you know it's the right machine, you can just answer 'yes' to the question, and it will store the key.

If you're really paranoid, you would copy over the host key when you setup the machine...

And note, these host keys are setup automatically if they don't yet exist on the machine (see, /System/Library/StartupItems/SSH/SSH if you're curious).
 
After a super clean install of 10.1 on a newly formatted drive (installed 10.0 then 10.1) my ssh wasn't working. i couldn't create ssh tunnels.

so for some reason, don't ask me why, i installed the <a href="http://www.versiontracker.com/moreinfo.fcgi?id=10255">openssh build from version tracker.com</a> which was for osx10.0.1 silly me.

i started getting the version mismatch error - no mystery there, but no idea how to fix without a fresh reinsall.

then on <a href="http://www.macslash.com/article.pl?sid=01/10/09/0748249">macslash</a> there is a thread about a fix for ssh on 10.1 so i downloaded <a href="http://prdownloads.sourceforge.net/gnu-darwin/OpenSSH-2.9.9gd_2.tgz">that package</a> and untar it over the top of the old ssh files.

it overwrote my/etc/ssh_config file with factory defaults.

i welcome any assistance.

dave
 
Dave,
No ssh after the upgrade? Perhaps it wasn't in your PATH? I went from 10.0 to 10.1 in my recent install and ssh was there from 10.1.
 
i ended up reinstalling osx10.1 and that fixed th eversion conflict. then ran the updater to openssh off the macslash link above, now can ssh tunnel okay and can cvs from the command line. jcvs is broken though and am tempted to ingnore it. wish the finder could incorporate cvs, that would rule.
 
Back
Top