start page | rating of books | rating of authors | reviews | copyrights
Book HomeSSH, The Secure ShellSearch this book
PreviousNext

15.6. Troubleshooting

SecureCRT, like any other SSH client, can run into unexpected difficulties interacting with an SSH server. In this section we cover problems specific to SecureCRT. For more general problems, see also Chapter 12, "Troubleshooting and FAQ".

15.6.1. Authentication

When I use an RSA key, SecureCRT says "Internal error loading private key."
SecureCRT accepts only DSA keys for SSH2 (in conformance with the current draft SSH-2 standard). Some other SSH-2 implementations also support RSA keys; these don't work with SecureCRT at present. [Section 3.9.1, "Public-Key Algorithms"]

I tried loading a key generated by another SSH-2 implementation, but SecureCRT says "The private key is corrupt."
While SSH protocol draft standard specifies how keys are represented within an SSH session, it doesn't cover formats for storing those keys in files. As a result, implementors are free to make up different, incompatible formats, making your life difficult. This is true of both SSH1 and SSH2, although there is less difference among SSH1 implementations than among SSH2. Since this may change, we will just say: "contact the vendor."

After typing my passphrase, I get a dialog box, "SSH_SMSG_FAILURE: invalid SSH state," and the session disconnects without logging me in.
No pseudo-tty is being allocated. Possibly your remote account has the no-pty option set in its authorized_keys file. [Section 8.2.9, "Disabling TTY Allocation"]

SSH-2 authentication fails with the message "SecureCRT is disconnecting from the SSH server for the following reason: reason code 2."
At press time, some SSH-2 clients and servers from different vendors don't work together due to different interpretations of the SSH-2 draft standard. We hope such problems will have settled down by the time you read this. In the meantime, make sure you select the correct SSH Server in SecureCRT's Properties window, under Connection. To determine the type of server to which you are connecting, telnet to the server machine's SSH port (usually 22) and read the version string that appears. Using MS-DOS telnet, type:

telnet server.example.com 22
and a window opens with a response like:

SSH-1.99-2.0.13 F-SECURE SSH
indicating (in this case) F-Secure SSH Server Version 2.0.13.

15.6.2. Forwarding

I can't do port forwarding. I get a message that the port is already in use.
Do you have another SecureCRT window open and connected with the same port forwarding setup? You can't have two connections forwarding the same local port. As a workaround, create a second session that duplicates the first, but with a different local port number. Now you can use both sessions simultaneously.

PreviousHomeNext
15.5. ForwardingBook Index15.7. Summary
Library Navigation Links

Copyright © 2002 O'Reilly & Associates. All rights reserved.