On Sat, Jun 20, 2015 at 09:12:45PM +0200, Igor Bukanov wrote:
> Hello, I tried to use HostKeyAgent with sshd 6.7 under Linux. That worked
> for Linux clients. However, when I tried to connect from OpenSSH 6.2 under
> Mac OS X, the server disconnects:
>
> debug2: bits set: 1026/2048
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> Connection closed by 84.22.97.209
>
> When I disabled HostKeyAgent and switched HostKey back to the private keys,
> then I could connect from the Mac client again. This implies that
> HostKeyAgent somehow affects the bytes that are sent to the client. Why is
> it so? I.e. shouldn't HostKeyAgent just be an implementation detail that
> should not affect the client in any way?

Apologies if this is overly obvious, but are you certain you added a key of a type supported by the client to the hostkey agent? The Apple-supplied, nominally-6.2 ssh client on my OSX machine doesn't seem to support anything but RSA and DSS, so with that client I get the same behavior you note above with only ECDSA & ED25519 hostkeys added to the server's agent, but after also adding an RSA key it works fine. (A 6.7 client I have from MacPorts does support ECDSA and ED25519 though, for what it's worth.)

Zev
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
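
The check suggested in the reply above, written out as an added example (not code from the thread or from OpenSSH): it maps the key types shown in an `ssh-add -l` listing of the host-key agent to host key algorithm names and picks the first one on the client's list that the agent holds, which is the RFC 4253 selection rule in simplified form. The listings, fingerprints, and the `pick_hostkey_algo` and `agent_algos` helper names are constructed for illustration; the client list `ssh-rsa,ssh-dss` is an assumption taken from the reply's description of the Apple-supplied client.

```shell
#!/bin/sh
# Added example (not from the thread): does the host-key agent hold a key type
# that a given client can verify? Sample data below is constructed.

# stdin: `ssh-add -l` output; stdout: host key algorithm name for each key.
agent_algos() {
    awk '{
        type = $NF; bits = $1
        if (type == "(RSA)") print "ssh-rsa"
        else if (type == "(DSA)") print "ssh-dss"
        else if (type == "(ED25519)") print "ssh-ed25519"
        else if (type == "(ECDSA)") print "ecdsa-sha2-nistp" bits
    }'
}

# $1 = `ssh-add -l` output, $2 = client's comma-separated host key algorithms.
# Prints the first client-preferred algorithm the agent can sign for, or nothing.
pick_hostkey_algo() {
    offered=$(printf '%s\n' "$1" | agent_algos)
    for algo in $(printf '%s' "$2" | tr ',' ' '); do
        if printf '%s\n' "$offered" | grep -qxF -- "$algo"; then
            printf '%s\n' "$algo"
            return 0
        fi
    done
    return 0
}

# Constructed listings: size, fake fingerprint, comment, (TYPE).
AGENT_ECC_ONLY='256 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:01 /etc/ssh/ssh_host_ecdsa_key (ECDSA)
256 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:02 /etc/ssh/ssh_host_ed25519_key (ED25519)'
AGENT_WITH_RSA="$AGENT_ECC_ONLY
2048 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:03 /etc/ssh/ssh_host_rsa_key (RSA)"

# Assumption: the old client accepts only RSA and DSS host keys, as in the reply.
OLD_CLIENT='ssh-rsa,ssh-dss'

for listing in "$AGENT_ECC_ONLY" "$AGENT_WITH_RSA"; do
    algo=$(pick_hostkey_algo "$listing" "$OLD_CLIENT")
    echo "old client -> ${algo:-NO COMMON HOST KEY TYPE}"
done
```

On a live server, pass the real listing instead of the samples by running `ssh-add -l` with `SSH_AUTH_SOCK` set to the socket that `HostKeyAgent` points at.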