On Fri, Nov 14, 2014 at 1:32 PM, Chandra Kumara <chandra.kumara@xxxxxxxxxxxxxx> wrote: > Hi Openssh support, > > > > I have upgraded openssh from 5.3p1 to 6.2p2 in a RHEL 6.6 - 64 bit server > and now i can't login to server remotely using same root password. It always > prompting the password saying "Permission denied, please try again." I just tried the 6.7p1 tarball with this procedure. Seems to work fine. The .spec file is missing the BuildRequires dependency of "/usr/bin/xmkmf" in the dependencies for the openssh-x11-aspass module, but othewise seems to work fine. > Please help me to resolve the issue. > > > > Following are the steps i have followd. > > > > ---------------------------------------------------------------- > > [root@test ~]# ssh -V > > OpenSSH_5.3p1, OpenSSL 1.0.1e-fips 11 Feb 2013 > > > > [root@test ~]# cat /etc/redhat-release > > Red Hat Enterprise Linux Server release 6.6 (Santiago) > > > > [root@test ~]# rpm -qa |grep openssh > > openssh-server-5.3p1-104.el6.x86_64 > > openssh-clients-5.3p1-104.el6.x86_64 > > openssh-5.3p1-104.el6.x86_64 > > > > yum install rpm-build > > yum install gcc glibc-devel pam-devel libX11-devel krb5-devel zlib-devel > > yum install openssh-devel openssl-devel tcp_wrappers-devel libXt-devel imake > gtk2-devel > > > > wget http://ftp.spline.de/pub/OpenBSD/OpenSSH/portable/openssh-6.2p2.tar.gz > > wget > http://pkgs.fedoraproject.org/repo/pkgs/openssh/x11-ssh-askpass-1.2.4.1.tar. > gz/8f2e41f3f7eaa8543a2440454637f3c3/x11-ssh-askpass-1.2.4.1.tar.gz > > > > tar zxvf openssh-6.2p2.tar.gz > > cp openssh-6.2p2/contrib/redhat/openssh.spec . > > rpmbuild -bb openssh.spec > > > > cp x11-ssh-askpass-1.2.4.1.tar.gz /root/rpmbuild/SOURCES/ > > cp openssh-6.2p2.tar.gz /root/rpmbuild/SOURCES/ > > cp openssh.spec /root/rpmbuild/SOURCES/ > > > > rpmbuild -bb openssh.spec > > > > cd /root/rpmbuild/RPMS/x86_64/ > > rpm -Uvh * > > /etc/init.d/sshd restart > > > > [root@test ~]# rpm -qa |grep openss > > openssl-devel-1.0.1e-30.el6_6.4.x86_64 > > openssh-server-6.2p2-1.x86_64 > > openssl-1.0.1e-30.el6_6.4.x86_64 > > openssh-askpass-gnome-6.2p2-1.x86_64 > > openssh-debuginfo-6.2p2-1.x86_64 > > openssh-6.2p2-1.x86_64 > > openssh-clients-6.2p2-1.x86_64 > > > > > > [root@plutotest .ssh]# ssh -v root@192.168.0.38 > > OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010 > > debug1: Reading configuration data /etc/ssh/ssh_config > > debug1: Applying options for * > > debug1: Connecting to 192.168.0.38 [192.168.0.38] port 22. > > debug1: Connection established. > > debug1: permanently_set_uid: 0/0 > > debug1: identity file /root/.ssh/identity type -1 > > debug1: identity file /root/.ssh/identity-cert type -1 > > debug1: identity file /root/.ssh/id_rsa type -1 > > debug1: identity file /root/.ssh/id_rsa-cert type -1 > > debug1: identity file /root/.ssh/id_dsa type -1 > > debug1: identity file /root/.ssh/id_dsa-cert type -1 > > debug1: Remote protocol version 2.0, remote software version OpenSSH_6.2 > > debug1: match: OpenSSH_6.2 pat OpenSSH* > > debug1: Enabling compatibility mode for protocol 2.0 > > debug1: Local version string SSH-2.0-OpenSSH_5.3 > > debug1: SSH2_MSG_KEXINIT sent > > debug1: SSH2_MSG_KEXINIT received > > debug1: kex: server->client aes128-ctr hmac-md5 none > > debug1: kex: client->server aes128-ctr hmac-md5 none > > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > > debug1: Host '192.168.0.38' is known and matches the RSA host key. > > debug1: Found key in /root/.ssh/known_hosts:9 > > debug1: ssh_rsa_verify: signature correct > > debug1: SSH2_MSG_NEWKEYS sent > > debug1: expecting SSH2_MSG_NEWKEYS > > debug1: SSH2_MSG_NEWKEYS received > > debug1: SSH2_MSG_SERVICE_REQUEST sent > > debug1: SSH2_MSG_SERVICE_ACCEPT received > > debug1: Authentications that can continue: > publickey,gssapi-with-mic,password > > debug1: Next authentication method: gssapi-with-mic > > debug1: Unspecified GSS failure. Minor code may provide more information > > Cannot determine realm for numeric host address > > > > debug1: Unspecified GSS failure. Minor code may provide more information > > Cannot determine realm for numeric host address > > > > debug1: Unspecified GSS failure. Minor code may provide more information > > > > > > debug1: Unspecified GSS failure. Minor code may provide more information > > Cannot determine realm for numeric host address > > > > debug1: Next authentication method: publickey > > debug1: Trying private key: /root/.ssh/identity > > debug1: Trying private key: /root/.ssh/id_rsa > > debug1: Trying private key: /root/.ssh/id_dsa > > debug1: Next authentication method: password > > root@192.168.0.38's password: > > debug1: Authentications that can continue: > publickey,gssapi-with-mic,password > > Permission denied, please try again. > > root@192.168.0.38's password: > > ---------------------------------------------------------------- > > Regards, > > Chandra Kumara, SSA > > ShipXpress. > > 2315 Beach Blvd - Suite 104 || Jacksonville Beach, FL 32250 > > phone: +94 11 2826814/15 || website: <http://www.shipxpress.com/> > http://www.shipxpress.com > > > > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev@xxxxxxxxxxx > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev