Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > General

Reply
 
Thread Tools Display Modes
  #1  
Old 06-02-2007, 04:04 AM
Back2Future's Avatar
Back2Future Back2Future is offline
Registered User
 
Join Date: Sep 2005
Location: Vigevano
Posts: 11
puTTY works and SecureCRT not!

Hi!

I'm working with many SUN Solaris & HP-UX systems with SecureCRT using SSH2 connections.

Yesterday one Sun Solaris system doesn't connect with SSH2 protocol started from SecureCRT with my default configuration for SSH2.

The same system works perfectly with puTTY with default configuration ..

Also SecureFX doesn't works .. but FileZilla works perfectly ..

Any suggestions?
Reply With Quote
  #2  
Old 06-02-2007, 10:17 AM
tnygren's Avatar
tnygren tnygren is offline
Registered User
 
Join Date: May 2005
Posts: 1,408
Hi Back2Future,

I just need a little more information to find out what is happening.

Do any errors appear during the connection attempts?

Could you send me the 'Trace Options' output from SecureCRT for this connection?

To enable 'Trace Options', just select 'Trace Options' from the file menu before connecting to the session. Once enabled, attempt the connection again. The information will appear in SecureCRT's window.

Please post this here or send it to me via email (support@vandyke.com).

Would you tell me more about what is happening with SecureFX (problem connecting, transferring a file, etc)?

What protocol is being used in the connection?
__________________
Thanks,

Teresa

Teresa Nygren

Last edited by jdev; 06-04-2007 at 09:06 AM.
Reply With Quote
  #3  
Old 06-05-2007, 06:05 AM
Back2Future's Avatar
Back2Future Back2Future is offline
Registered User
 
Join Date: Sep 2005
Location: Vigevano
Posts: 11
Hi, Teresa.

It's the SecureCRT trace output:

SecureCRT - Version 5.5.0 (build 371)
[LOCAL] : SSH2Core version 4.3.0.371
[LOCAL] : Connecting to esxha040.es:22 ...
[LOCAL] : Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
[LOCAL] : Using protocol SSH2
[LOCAL] : RECV : Remote Identifier = "SSH-2.0-OpenSSH_3.8"
[LOCAL] : CAP : Remote can re-key
[LOCAL] : CAP : Remote sends language in password change requests
[LOCAL] : CAP : Remote sends algorithm name in PK_OK packets
[LOCAL] : CAP : Remote sends algorithm name in public key packets
[LOCAL] : CAP : Remote sends algorithm name in signatures
[LOCAL] : CAP : Remote sends error text in open failure packets
[LOCAL] : CAP : Remote sends name in service accept packets
[LOCAL] : CAP : Remote includes port number in x11 open packets
[LOCAL] : CAP : Remote uses 160 bit keys for SHA1 MAC
[LOCAL] : CAP : Remote supports new diffie-hellman group exchange messages
[LOCAL] : CAP : Remote correctly handles unknown SFTP extensions
[LOCAL] : CAP : Remote correctly encodes OID for gssapi
[LOCAL] : CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
[LOCAL] : CAP : Remote can do SFTP version 4
[LOCAL] : CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
[LOCAL] : SEND : KEXINIT
[LOCAL] : RECV : Read kexinit
[LOCAL] : Available Remote Kex Methods = diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group-exchange-sha1
[LOCAL] : Available Remote Host Key Algos = ssh-rsa,ssh-dss
[LOCAL] : Selected Host Key Algo = ssh-dss
[LOCAL] : Available Remote Send Ciphers = aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
[LOCAL] : Selected Send Cipher = aes256-cbc
[LOCAL] : Available Remote Recv Ciphers = aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
[LOCAL] : Selected Recv Cipher = aes256-cbc
[LOCAL] : Available Remote Send Macs = hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
[LOCAL] : Selected Send Mac = hmac-sha1
[LOCAL] : Available Remote Recv Macs = hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
[LOCAL] : Selected Recv Mac = hmac-sha1
[LOCAL] : Available Remote Compressors = none,zlib
[LOCAL] : Selected Compressor = none
[LOCAL] : Available Remote Decompressors = none,zlib
[LOCAL] : Selected Decompressor = none
[LOCAL] : Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
[LOCAL] : SEND : KEXDH_GEX_REQUEST
[LOCAL] : RECV : KEXDH_GEX_GROUP
[LOCAL] : SEND : KEXDH_INIT
[LOCAL] : RECV : KEXDH_REPLY
[LOCAL] : SEND : NEWKEYS
[LOCAL] : Changing state from STATE_KEY_EXCHANGE to STATE_EXPECT_NEWKEYS
[LOCAL] : RECV : NEWKEYS
[LOCAL] : Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
[LOCAL] : SEND: SERVICE_REQUEST[ssh-userauth]
[LOCAL] : RECV: SERVICE_ACCEPT[ssh-userauth] -- OK
[LOCAL] : SENT : USERAUTH_REQUEST [none]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,password,keyboard-interactive]
[LOCAL] : SENT : USERAUTH_REQUEST [password]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,password,keyboard-interactive]
[LOCAL] : SENT : USERAUTH_REQUEST [password]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,password,keyboard-interactive]
[LOCAL] : SEND: Disconnect packet: The user canceled authentication.
[LOCAL] : Changing state from STATE_CONNECTION to STATE_SEND_DISCONNECT
[LOCAL] : Changing state from STATE_SEND_DISCONNECT to STATE_CLOSED
[LOCAL] : Connected for 8 seconds, 1203 bytes sent, 1868 bytes received
Reply With Quote
  #4  
Old 06-05-2007, 07:14 AM
tnygren's Avatar
tnygren tnygren is offline
Registered User
 
Join Date: May 2005
Posts: 1,408
Hi Back2Future,

I looking at the trace, the server is failing the attempt to log on using the Password authentication method.

Is the password saved in the session?

If so, is it the same password that is being used with Putty?

By default, Putty uses the Keyboard Interactive authentication method which should be using the same username and password.

SecureCRT can also be configured to attempt this method first. This can be done by highlighting 'Keyboard Interactive' in the authentication list in the 'SSH2 ' sub-category of the 'Session Options' and then using the arrow buttons on the right to move this method to the top of the list.

Does the authentication succeed if 'Keyboard Interactive' is used as the authentication method?
__________________
Thanks,

Teresa

Teresa Nygren
Reply With Quote
  #5  
Old 06-05-2007, 10:23 AM
Back2Future's Avatar
Back2Future Back2Future is offline
Registered User
 
Join Date: Sep 2005
Location: Vigevano
Posts: 11
Hi, Teresa.

It doesn't works ...

It's the log:

SecureCRT - Version 5.5.0 (build 371)
[LOCAL] : SSH2Core version 4.3.0.371
[LOCAL] : Connecting to esxha040.es:22 ...
[LOCAL] : Changing state from STATE_NOT_CONNECTED to STATE_EXPECT_KEX_INIT
[LOCAL] : Using protocol SSH2
[LOCAL] : RECV : Remote Identifier = "SSH-2.0-OpenSSH_3.8"
[LOCAL] : CAP : Remote can re-key
[LOCAL] : CAP : Remote sends language in password change requests
[LOCAL] : CAP : Remote sends algorithm name in PK_OK packets
[LOCAL] : CAP : Remote sends algorithm name in public key packets
[LOCAL] : CAP : Remote sends algorithm name in signatures
[LOCAL] : CAP : Remote sends error text in open failure packets
[LOCAL] : CAP : Remote sends name in service accept packets
[LOCAL] : CAP : Remote includes port number in x11 open packets
[LOCAL] : CAP : Remote uses 160 bit keys for SHA1 MAC
[LOCAL] : CAP : Remote supports new diffie-hellman group exchange messages
[LOCAL] : CAP : Remote correctly handles unknown SFTP extensions
[LOCAL] : CAP : Remote correctly encodes OID for gssapi
[LOCAL] : CAP : Remote correctly uses connected addresses in forwarded-tcpip requests
[LOCAL] : CAP : Remote can do SFTP version 4
[LOCAL] : CAP : Remote x.509v3 uses ASN.1 encoding for DSA signatures
[LOCAL] : SEND : KEXINIT
[LOCAL] : RECV : Read kexinit
[LOCAL] : Available Remote Kex Methods = diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
[LOCAL] : Selected Kex Method = diffie-hellman-group-exchange-sha1
[LOCAL] : Available Remote Host Key Algos = ssh-rsa,ssh-dss
[LOCAL] : Selected Host Key Algo = ssh-dss
[LOCAL] : Available Remote Send Ciphers = aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
[LOCAL] : Selected Send Cipher = aes256-cbc
[LOCAL] : Available Remote Recv Ciphers = aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
[LOCAL] : Selected Recv Cipher = aes256-cbc
[LOCAL] : Available Remote Send Macs = hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
[LOCAL] : Selected Send Mac = hmac-sha1
[LOCAL] : Available Remote Recv Macs = hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
[LOCAL] : Selected Recv Mac = hmac-sha1
[LOCAL] : Available Remote Compressors = none,zlib
[LOCAL] : Selected Compressor = none
[LOCAL] : Available Remote Decompressors = none,zlib
[LOCAL] : Selected Decompressor = none
[LOCAL] : Changing state from STATE_EXPECT_KEX_INIT to STATE_KEY_EXCHANGE
[LOCAL] : SEND : KEXDH_GEX_REQUEST
[LOCAL] : RECV : KEXDH_GEX_GROUP
[LOCAL] : SEND : KEXDH_INIT
[LOCAL] : RECV : KEXDH_REPLY
[LOCAL] : SEND : NEWKEYS
[LOCAL] : Changing state from STATE_KEY_EXCHANGE to STATE_EXPECT_NEWKEYS
[LOCAL] : RECV : NEWKEYS
[LOCAL] : Changing state from STATE_EXPECT_NEWKEYS to STATE_CONNECTION
[LOCAL] : SEND: SERVICE_REQUEST[ssh-userauth]
[LOCAL] : RECV: SERVICE_ACCEPT[ssh-userauth] -- OK
[LOCAL] : SENT : USERAUTH_REQUEST [none]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,password,keyboard-interactive]
[LOCAL] : SENT : USERAUTH_REQUEST [password]
[LOCAL] : RECV : USERAUTH_FAILURE, continuations [publickey,password,keyboard-interactive]
[LOCAL] : SEND: Disconnect packet: The user canceled authentication.
[LOCAL] : Changing state from STATE_CONNECTION to STATE_SEND_DISCONNECT
[LOCAL] : Changing state from STATE_SEND_DISCONNECT to STATE_CLOSED
[LOCAL] : Connected for 11 seconds, 1087 bytes sent, 1784 bytes received
Reply With Quote
  #6  
Old 06-05-2007, 10:28 AM
Back2Future's Avatar
Back2Future Back2Future is offline
Registered User
 
Join Date: Sep 2005
Location: Vigevano
Posts: 11
Excuse me ... it works with Keyboard Interactive!

SecureCRT doesn' save session changes if I don't exit and re-launch ...

Thank You, Teresa ..
Reply With Quote
  #7  
Old 06-05-2007, 10:29 AM
tnygren's Avatar
tnygren tnygren is offline
Registered User
 
Join Date: May 2005
Posts: 1,408
Hi Back2Future,

I'm glad to hear that Keyboard Interactive is working!
__________________
Thanks,

Teresa

Teresa Nygren

Last edited by tnygren; 06-05-2007 at 10:33 AM.
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 12:27 PM.