<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, Sans-Serif;font-size:12pt"><div><span style="background-color: transparent;">I received complaints from OpenSSH users that there's a similar issue with CISCO 6506.</span><br></div><div><br></div><div class="yahoo_quoted" style="display: block;"> <br> <br> <div style="font-family: HelveticaNeue, 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; font-size: 12pt;"> <div style="font-family: HelveticaNeue, 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif; font-size: 12pt;"> <div dir="ltr"> <font size="2" face="Arial"> On Friday, 10 January 2014, 13:55, Daniel Shaw <daniel.shaw@point-oh.net> wrote:<br> </font> </div> <div class="y_msg_container"><div id="yiv4872354292"><div><div dir="ltr"><br clear="none"><div class="yiv4872354292gmail_extra"><div class="yiv4872354292gmail_quote">On 10
January 2014 10:38, Loganaden Velvindron <span dir="ltr"><<a rel="nofollow" shape="rect" ymailto="mailto:gnukid1@yahoo.co.uk" target="_blank" href="mailto:gnukid1@yahoo.co.uk">gnukid1@yahoo.co.uk</a>></span> wrote:<br clear="none">
<blockquote class="yiv4872354292gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex;"><div><div style="font-size: 12pt; font-family: HelveticaNeue, 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;">
<div><div class="yiv4872354292h5"><div style="font-size:12pt;">The issue is present on the CISCO 1841 model line when using password authentication scheme:</div><div style="font-size:12pt;"><br clear="none"></div><div style="font-size:12pt;">
Here's the stock ssh client on MAC OS X.</div></div></div></div></div></blockquote><div> </div><blockquote class="yiv4872354292gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex;">
<div>
<div style="font-size: 12pt; font-family: HelveticaNeue, 'Helvetica Neue', Helvetica, Arial, 'Lucida Grande', sans-serif;"><div><div class="yiv4872354292h5"></div></div><div style="font-size:12pt;">Here's the openssh client from <a rel="nofollow" shape="rect" target="_blank" href="http://www.openssh.com/">www.openssh.com</a> &&
compiled with default options.</div><div><div class="yiv4872354292h5"><div style="font-size:12pt;"><br clear="none"></div><div>./ssh -V</div><div>OpenSSH_6.4p1<br clear="none"></div><div><br clear="none"></div><div><span></span></div><div><div>OpenSSH_6.4, OpenSSL 0.9.8r 8 Feb 2011</div>
<div>debug1: Reading configuration data /opt2/etc/ssh_config </div></div></div></div></div></div></blockquote><div><br clear="none"></div><div>Further correction:<br clear="none"></div><div>The issue is present using openssh 6.4, compiled with OSX compiler X (fill in what you used), on OSX version 10.x.x (whatever version you have), against OpenSSL 0.9.8r, connecting to an 1841 router (using default compile options and ssh_config as per source download).<br clear="none">
</div></div><br clear="none"></div><div class="yiv4872354292gmail_extra">Here is the same version of OpenSSH, but compiled on a Red Hat / CentOS / other similar derivative, using the packager's choice of compile options and gcc, running on a different CentOS install (6.x), with the ssh_config from the previous openssh version as packaged by CentOS, linked against OpenSSL 1.0.0...<br clear="none">
<br clear="none">$ ssh -V<br clear="none">OpenSSH_6.4p1, OpenSSL 1.0.0-fips 29 Mar 2010<br clear="none"><br clear="none">$ ssh -v hostname.domain<br clear="none">OpenSSH_6.4, OpenSSL 1.0.0-fips 29 Mar 2010<br clear="none">debug1: Reading configuration data /etc/ssh/ssh_config<br clear="none">debug1: /etc/ssh/ssh_config line 49: Applying options for *<br clear="none">
debug1: Connecting to hostname.domain [ip.ip.ip.ip] port 22.<br clear="none">debug1: Connection established.<br clear="none">debug1: identity file /home/daniel/.ssh/id_rsa type -1<br clear="none">debug1: identity file /home/daniel/.ssh/id_rsa-cert type -1<br clear="none">
debug1: identity file /home/daniel/.ssh/id_dsa type -1<br clear="none">
debug1: identity file /home/daniel/.ssh/id_dsa-cert type -1<br clear="none">debug1: Enabling compatibility mode for protocol 2.0<br clear="none">debug1: Local version string SSH-2.0-OpenSSH_6.4<br clear="none">debug1: Remote protocol version 2.0, remote software version Cisco-1.25<br clear="none">
debug1: no match: Cisco-1.25<br clear="none">debug1: SSH2_MSG_KEXINIT sent<br clear="none">debug1: SSH2_MSG_KEXINIT received<br clear="none">debug1: kex: server->client aes128-cbc hmac-md5 none<br clear="none">debug1: kex: client->server aes128-cbc hmac-md5 none<br clear="none">
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent<br clear="none">
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP<br clear="none">debug1: SSH2_MSG_KEX_DH_GEX_INIT sent<br clear="none">debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY<br clear="none">debug1: Server host key: RSA bf:ec:34:55:8b:05:0a:6d:1e:7b:43:04:5d:03:b3:c7<br clear="none">debug1: Host 'hostname.domain' is known and matches the RSA host key.<br clear="none">
debug1: Found key in ~/.ssh/known_hosts:61<br clear="none">debug1: ssh_rsa_verify: signature correct<br clear="none">debug1: SSH2_MSG_NEWKEYS sent<br clear="none">debug1: expecting SSH2_MSG_NEWKEYS<br clear="none">debug1: SSH2_MSG_NEWKEYS received<br clear="none">debug1: Roaming not allowed by server<br clear="none">
debug1: SSH2_MSG_SERVICE_REQUEST sent<br clear="none">debug1: SSH2_MSG_SERVICE_ACCEPT received<br clear="none"><br clear="none">*************************************************************<br clear="none">* This is a restricted area. Unauthorised access prohibited *<br clear="none">*************************************************************<br clear="none">
debug1: Authentications that can continue: publickey,keyboard-interactive,password<br clear="none">debug1: Next authentication method: publickey<br clear="none">debug1: Trying private key: /home/daniel/.ssh/id_rsa<br clear="none">debug1: Trying private key: /home/daniel/.ssh/id_dsa<br clear="none">
debug1: Next authentication method: keyboard-interactive<br clear="none">Password:<div class="yiv4872354292yqt9885943160" id="yiv4872354292yqtfd39533"><br clear="none">debug1: Authentications that can continue: publickey,keyboard-interactive,password</div><br clear="none">Password:<br clear="none">debug1: Authentication succeeded (keyboard-interactive).<br clear="none">
Authenticated to hostname.domain ([ip.ip.ip.ip:22).<br clear="none">debug1: channel 0: new [client-session]<br clear="none">debug1: Entering interactive session.<br clear="none">debug1: Sending environment.<br clear="none">debug1: Sending env LC_ALL = en_US<br clear="none">debug1: Sending env LANG = en_US.UTF-8<br clear="none">
debug1: Sending env LANGUAGE = en_US.UTF-8<br clear="none"><br clear="none">hostname.domain><br clear="none"></div><div class="yiv4872354292gmail_extra"><br clear="none"></div><div class="yiv4872354292gmail_extra">And...<br clear="none"><br clear="none">hostname.domain#sh ver<br clear="none">Cisco IOS Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 15.0(1)M7, RELEASE SOFTWARE (fc2)<br clear="none">
Technical Support: <a rel="nofollow" shape="rect" target="_blank" href="http://www.cisco.com/techsupport">http://www.cisco.com/techsupport</a><br clear="none">Copyright (c) 1986-2011 by Cisco Systems, Inc.<br clear="none">Compiled Thu 04-Aug-11 19:42 by prod_rel_team<br clear="none"><br clear="none">ROM: System Bootstrap, Version 12.3(8r)T9, RELEASE SOFTWARE (fc1)<div class="yiv4872354292yqt9885943160" id="yiv4872354292yqtfd91010"><br clear="none">
<br clear="none"><br clear="none"></div></div></div></div></div><br><br></div> </div> </div> </div> </div></body></html>