Re: SSH issues with 4.9 stable (key_verify failed for server_host_key)

From: Daren Desjardins (desjardins_at_canada.com)
Date: 03/31/04

  • Next message: Daren Desjardins: "Re: SSH issues with 4.9 stable (key_verify failed for server_host_key)" 
    To: David.E.Tweten@nasa.gov
Date: Wed, 31 Mar 2004 16:27:52 -0500

    > >... the base system seems to force a DSA host key authentication, whereas the
    > >port and openssh release use RSA ...
    >
    > Why do you care? Give your machine all three kinds of machine key
    > (protocol 1.5, protocol 2.0 RSA, and protocol 2.0 DSA). If you want to
    > use public key authentication, give yourself all three types of personal
    > key too. That way, you are prepared for whatever slight misconfiguration
    > there may be at the other end of your attempted connection.

    Its not that I care, am just trying to point out anything I can that
    could indicate the cause of the problem.

    I tried using your config files, and the result is included below.

    OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL
    0x0090703f
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug1: ssh_connect: needpriv 1
    debug1: Connecting to daren.ca [3ffe:b80:19a3:1::1] port 22.
    debug1: Allocated local port 1016.
    debug1: connect to address 3ffe:b80:19a3:1::1 port 22: No route to host
    debug1: Connecting to daren.ca [65.49.123.132] port 22.
    debug1: Allocated local port 1015.
    debug1: Connection established.
    debug1: read PEM private key done: type DSA
    debug1: read PEM private key done: type RSA
    debug1: identity file /root/.ssh/identity type -1
    debug1: identity file /root/.ssh/id_rsa type -1
    debug1: identity file /root/.ssh/id_dsa type 2
    debug1: Remote protocol version 2.0, remote software version
    OpenSSH_3.5p1 FreeBSD-20030924
    debug1: match: OpenSSH_3.5p1 FreeBSD-20030924 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_3.5p1 ssh_config $Revision:
    1.1.1.1 $
    debug1: SSH2_MSG_KEXINIT sent
    debug1: SSH2_MSG_KEXINIT received
    debug1: kex: server->client arcfour hmac-md5 none
    debug1: kex: client->server arcfour hmac-md5 none
    debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
    debug1: dh_gen_key: priv key bits set: 111/256
    debug1: bits set: 1605/3191
    debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
    debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
    No DSA host key is known for daren.ca and you have requested strict
    checking.
    Host key verification failed.
    debug1: Calling cleanup 0x804c158(0x0)

    _______________________________________________
    freebsd-stable@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-stable
    To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"

  • Next message: Daren Desjardins: "Re: SSH issues with 4.9 stable (key_verify failed for server_host_key)"