[ale] ssh issue

Michael H. Warfield mhw at WittsEnd.com
Fri May 16 16:04:19 EDT 2008 

On Fri, 2008-05-16 at 13:04 -0600, Robert L. Harris wrote:

> I just upgraded SSH on two hosts due to the security vulnerability.  The
> remote machine is Debian Woody running openssh-client 4.3p2-9, server is
> the same level.  One of the two local machines is ubuntu gutsy running
> 1:4.6p1-5ubuntu0.5 for both client and server.  The other local machine
> is debian sarge running: 3.8.1p1-8.sarg.

> When i ssh from the remote machine to local I get:

> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
> debug2: no key of type 0 for host harvard
> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts2
> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
> debug2: no key of type 2 for host harvard
> Host key verification failed.

> ~  I get the same message no matter which local machine I'm sshing to.  I
> have a debian lenny box with which can connect successfully to both
> local hosts.  I have removed /home/robert/.ssh/known_hosts on the
> remote machine and I still get that entry.

> ~  Anyone have any ideas?

	Do you have StrictHostKeyChecking set to "yes" or "ask".  It's acting
like it's set to "yes" at which time it won't ask you to add the key,
it'll simple refuse to work if it doesn't have a host key for that host.

> - --
> 
> :wq!
> - 
> ---------------------------------------------------------------------------
> Robert L. Harris                     | GPG Key ID: E344DA3B
> ~                                         @ x-hkp://pgp.mit.edu
> DISCLAIMER:
> ~      These are MY OPINIONS             With Dreams To Be A King,
> ~       ALONE.  I speak for              First One Should Be A Man
> ~       no-one else.                       - Manowar

	Mike
-- 
Michael H. Warfield (AI4NB) | (770) 985-6132 |  mhw at WittsEnd.com
   /\/\|=mhw=|\/\/          | (678) 463-0932 |  http://www.wittsend.com/mhw/
   NIC whois: MHW9          | An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471        | possible worlds.  A pessimist is sure of it!

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.ale.org/pipermail/ale/attachments/20080516/c3c27470/attachment.bin

More information about the Ale mailing list