SHARE
TWEET

Untitled

a guest Aug 24th, 2019 177 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. MacBook-Pro-Vladimir:~ vladimir$ pkcs11-tool -lO
  2. Using slot 0 with a present token (0x0)
  3. Logging in to "Beshelmek".
  4. Please enter User PIN:
  5. Public Key Object; RSA 2048 bits
  6.   label:
  7.   ID:         45
  8.   Usage:      encrypt, verify, wrap
  9. Private Key Object; RSA
  10.   label:
  11.   ID:         45
  12.   Usage:      decrypt, sign, unwrap
  13.  
  14.  
  15.  
  16.  
  17. MacBook-Pro-Vladimir:~ vladimir$ cat .ssh/config
  18. Host *
  19.  
  20. PKCS11Provider /usr/local/lib/librtpkcs11ecp.dylib
  21.  
  22.  
  23.  
  24.  
  25. MacBook-Pro-Vladimir:~ vladimir$ pkcs11-tool -lL
  26. Available slots:
  27. Slot 0 (0x0): Aktiv Rutoken ECP
  28.   token label        : Beshelmek
  29.   token manufacturer : Aktiv Co.
  30.   token model        : Rutoken ECP
  31.   token flags        : login required, rng, token initialized, PIN initialized
  32.   hardware version   : 20.5
  33.   firmware version   : 23.2
  34.   serial num         : 3ace6881
  35.   pin min/max        : 6/32
  36. Slot 1 (0x1):
  37.   (empty)
  38. Slot 2 (0x2):
  39.   (empty)
  40. Slot 3 (0x3):
  41.   (empty)
  42. Slot 4 (0x4):
  43.   (empty)
  44. Slot 5 (0x5):
  45.   (empty)
  46. Slot 6 (0x6):
  47.   (empty)
  48. Slot 7 (0x7):
  49.   (empty)
  50. Slot 8 (0x8):
  51.   (empty)
  52. Slot 9 (0x9):
  53.   (empty)
  54. Slot 10 (0xa):
  55.   (empty)
  56. Slot 11 (0xb):
  57.   (empty)
  58. Slot 12 (0xc):
  59.   (empty)
  60. Slot 13 (0xd):
  61.   (empty)
  62. Slot 14 (0xe):
  63.   (empty)
  64.  
  65.  
  66.  
  67. MacBook-Pro-Vladimir:~ vladimir$ ssh-keygen -D /usr/local/lib/librtpkcs11ecp.dylib -I 0:45
  68. ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCkBxrWUyb27RJndi3MkYJAcNurm0FJSwTszgXqs5odFxAmJs7jNH8W+b8pJHLo/nijimxnKDHs5wPPP0v9hSNhHAHXqGtf2Efflm7eVcey8YYYOSxB7ciqGe7f2zTFUPnQC9w1HJ4nxmsZf/gxEDt+DZLtdHEie5R53NL4MdzuCYSzIxQjfYUSHjI4mQLbUl0zsTLWuTpYi1yLwfjom+Ef4UNxSpsMr+6y4lWwEGi6XqFMAQZXRQASjsRRrs2gvSuY9PjmAIL1BnLHM04rqj9YPrNGyqmTRqUH0nhtX3x37Lz+7F9lpnJjOLAmHmUo3RygUuwAF12zplzTVDC+x067
  69.  
  70.  
  71.  
  72. MacBook-Pro-Vladimir:~ vladimir$ ssh -vvv root@beshelmek.org
  73. OpenSSH_7.9p1, LibreSSL 2.7.3
  74. debug1: Reading configuration data /Users/vladimir/.ssh/config
  75. debug1: /Users/vladimir/.ssh/config line 1: Applying options for *
  76. debug1: Reading configuration data /etc/ssh/ssh_config
  77. debug1: /etc/ssh/ssh_config line 48: Applying options for *
  78. debug2: resolving "beshelmek.org" port 22
  79. debug2: ssh_connect_direct
  80. debug1: Connecting to beshelmek.org [172.17.0.1] port 22.
  81. debug1: Connection established.
  82. debug1: provider /usr/local/lib/librtpkcs11ecp.dylib: manufacturerID <Aktiv Co.> cryptokiVersion 2.20 libraryDescription <Rutoken ECP PKCS #11 library> libraryVersion 1.9
  83. debug1: provider /usr/local/lib/librtpkcs11ecp.dylib slot 0: label <Beshelmek> manufacturerID <Aktiv Co.> model <Rutoken ECP> serial <3ace6881> flags 0x40d
  84. debug1: have 1 keys
  85. debug1: identity file /Users/vladimir/.ssh/id_rsa type -1
  86. debug1: identity file /Users/vladimir/.ssh/id_rsa-cert type -1
  87. debug1: identity file /Users/vladimir/.ssh/id_dsa type -1
  88. debug1: identity file /Users/vladimir/.ssh/id_dsa-cert type -1
  89. debug1: identity file /Users/vladimir/.ssh/id_ecdsa type -1
  90. debug1: identity file /Users/vladimir/.ssh/id_ecdsa-cert type -1
  91. debug1: identity file /Users/vladimir/.ssh/id_ed25519 type -1
  92. debug1: identity file /Users/vladimir/.ssh/id_ed25519-cert type -1
  93. debug1: identity file /Users/vladimir/.ssh/id_xmss type -1
  94. debug1: identity file /Users/vladimir/.ssh/id_xmss-cert type -1
  95. debug1: Local version string SSH-2.0-OpenSSH_7.9
  96. debug1: Remote protocol version 2.0, remote software version OpenSSH_7.4p1 Debian-10+deb9u5
  97. debug1: match: OpenSSH_7.4p1 Debian-10+deb9u5 pat OpenSSH_7.0*,OpenSSH_7.1*,OpenSSH_7.2*,OpenSSH_7.3*,OpenSSH_7.4*,OpenSSH_7.5*,OpenSSH_7.6*,OpenSSH_7.7* compat 0x04000002
  98. debug2: fd 5 setting O_NONBLOCK
  99. debug1: Authenticating to beshelmek.org:22 as 'root'
  100. debug3: hostkeys_foreach: reading file "/Users/vladimir/.ssh/known_hosts"
  101. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts:4
  102. debug3: load_hostkeys: loaded 1 keys from beshelmek.org
  103. debug3: hostkeys_foreach: reading file "/Users/vladimir/.ssh/known_hosts2"
  104. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:4
  105. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:53
  106. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:91
  107. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:119
  108. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:142
  109. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:159
  110. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:174
  111. debug3: load_hostkeys: loaded 7 keys from beshelmek.org
  112. debug3: order_hostkeyalgs: prefer hostkeyalgs: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521
  113. debug3: send packet: type 20
  114. debug1: SSH2_MSG_KEXINIT sent
  115. debug3: receive packet: type 20
  116. debug1: SSH2_MSG_KEXINIT received
  117. debug2: local client KEXINIT proposal
  118. debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1,ext-info-c
  119. debug2: host key algorithms: ecdsa-sha2-nistp256-cert-v01@openssh.com,ecdsa-sha2-nistp384-cert-v01@openssh.com,ecdsa-sha2-nistp521-cert-v01@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-ed25519-cert-v01@openssh.com,rsa-sha2-512-cert-v01@openssh.com,rsa-sha2-256-cert-v01@openssh.com,ssh-rsa-cert-v01@openssh.com,ssh-ed25519,rsa-sha2-512,rsa-sha2-256,ssh-rsa
  120. debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
  121. debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
  122. debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
  123. debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
  124. debug2: compression ctos: none,zlib@openssh.com,zlib
  125. debug2: compression stoc: none,zlib@openssh.com,zlib
  126. debug2: languages ctos:
  127. debug2: languages stoc:
  128. debug2: first_kex_follows 0
  129. debug2: reserved 0
  130. debug2: peer server KEXINIT proposal
  131. debug2: KEX algorithms: curve25519-sha256,curve25519-sha256@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group14-sha256,diffie-hellman-group14-sha1
  132. debug2: host key algorithms: ssh-rsa,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp256,ssh-ed25519
  133. debug2: ciphers ctos: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
  134. debug2: ciphers stoc: chacha20-poly1305@openssh.com,aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com
  135. debug2: MACs ctos: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
  136. debug2: MACs stoc: umac-64-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2-256-etm@openssh.com,hmac-sha2-512-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,umac-128@openssh.com,hmac-sha2-256,hmac-sha2-512,hmac-sha1
  137. debug2: compression ctos: none,zlib@openssh.com
  138. debug2: compression stoc: none,zlib@openssh.com
  139. debug2: languages ctos:
  140. debug2: languages stoc:
  141. debug2: first_kex_follows 0
  142. debug2: reserved 0
  143. debug1: kex: algorithm: curve25519-sha256
  144. debug1: kex: host key algorithm: ecdsa-sha2-nistp256
  145. debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
  146. debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
  147. debug3: send packet: type 30
  148. debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
  149. debug3: receive packet: type 31
  150. debug1: Server host key: ecdsa-sha2-nistp256 SHA256:AwLHKbATV9hpEv71Xb09BHH1m6RKDRCoEFtiZpexXKg
  151. debug3: hostkeys_foreach: reading file "/Users/vladimir/.ssh/known_hosts"
  152. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts:4
  153. debug3: load_hostkeys: loaded 1 keys from beshelmek.org
  154. debug3: hostkeys_foreach: reading file "/Users/vladimir/.ssh/known_hosts2"
  155. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:4
  156. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:53
  157. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:91
  158. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:119
  159. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:142
  160. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:159
  161. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:174
  162. debug3: load_hostkeys: loaded 7 keys from beshelmek.org
  163. debug3: hostkeys_foreach: reading file "/Users/vladimir/.ssh/known_hosts"
  164. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts:14
  165. debug3: load_hostkeys: loaded 1 keys from 172.17.0.1
  166. debug3: hostkeys_foreach: reading file "/Users/vladimir/.ssh/known_hosts2"
  167. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:14
  168. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:63
  169. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:102
  170. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:130
  171. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:153
  172. debug3: record_hostkey: found key type ECDSA in file /Users/vladimir/.ssh/known_hosts2:170
  173. debug3: load_hostkeys: loaded 6 keys from 172.17.0.1
  174. debug1: Host 'beshelmek.org' is known and matches the ECDSA host key.
  175. debug1: Found key in /Users/vladimir/.ssh/known_hosts:4
  176. debug3: send packet: type 21
  177. debug2: set_newkeys: mode 1
  178. debug1: rekey after 134217728 blocks
  179. debug1: SSH2_MSG_NEWKEYS sent
  180. debug1: expecting SSH2_MSG_NEWKEYS
  181. debug3: receive packet: type 21
  182. debug1: SSH2_MSG_NEWKEYS received
  183. debug2: set_newkeys: mode 0
  184. debug1: rekey after 134217728 blocks
  185. debug1: Will attempt key: /usr/local/lib/librtpkcs11ecp.dylib RSA SHA256:5HRoCccbOqdC+QqToOqIM8LTgdaG93Hy7UavOgcPoSg token
  186. debug1: Will attempt key: /Users/vladimir/.ssh/id_rsa
  187. debug1: Will attempt key: /Users/vladimir/.ssh/id_dsa
  188. debug1: Will attempt key: /Users/vladimir/.ssh/id_ecdsa
  189. debug1: Will attempt key: /Users/vladimir/.ssh/id_ed25519
  190. debug1: Will attempt key: /Users/vladimir/.ssh/id_xmss
  191. debug2: pubkey_prepare: done
  192. debug3: send packet: type 5
  193. debug3: receive packet: type 7
  194. debug1: SSH2_MSG_EXT_INFO received
  195. debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ssh-rsa,ssh-dss,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521>
  196. debug3: receive packet: type 6
  197. debug2: service_accept: ssh-userauth
  198. debug1: SSH2_MSG_SERVICE_ACCEPT received
  199. debug3: send packet: type 50
  200. debug3: receive packet: type 51
  201. debug1: Authentications that can continue: publickey,password
  202. debug3: start over, passed a different list publickey,password
  203. debug3: preferred publickey,keyboard-interactive,password
  204. debug3: authmethod_lookup publickey
  205. debug3: remaining preferred: keyboard-interactive,password
  206. debug3: authmethod_is_enabled publickey
  207. debug1: Next authentication method: publickey
  208. debug1: Offering public key: /usr/local/lib/librtpkcs11ecp.dylib RSA SHA256:5HRoCccbOqdC+QqToOqIM8LTgdaG93Hy7UavOgcPoSg token
  209. debug3: send packet: type 50
  210. debug2: we sent a publickey packet, wait for reply
  211. debug3: receive packet: type 51
  212. debug1: Authentications that can continue: publickey,password
  213. debug1: Trying private key: /Users/vladimir/.ssh/id_rsa
  214. debug3: no such identity: /Users/vladimir/.ssh/id_rsa: No such file or directory
  215. debug1: Trying private key: /Users/vladimir/.ssh/id_dsa
  216. debug3: no such identity: /Users/vladimir/.ssh/id_dsa: No such file or directory
  217. debug1: Trying private key: /Users/vladimir/.ssh/id_ecdsa
  218. debug3: no such identity: /Users/vladimir/.ssh/id_ecdsa: No such file or directory
  219. debug1: Trying private key: /Users/vladimir/.ssh/id_ed25519
  220. debug3: no such identity: /Users/vladimir/.ssh/id_ed25519: No such file or directory
  221. debug1: Trying private key: /Users/vladimir/.ssh/id_xmss
  222. debug3: no such identity: /Users/vladimir/.ssh/id_xmss: No such file or directory
  223. debug2: we did not send a packet, disable method
  224. debug3: authmethod_lookup password
  225. debug3: remaining preferred: ,password
  226. debug3: authmethod_is_enabled password
  227. debug1: Next authentication method: password
  228. root@beshelmek.org's password:
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Top