[ale] ssh issue

Robert L. Harris robert.l.harris at gmail.com
Fri May 16 16:13:03 EDT 2008 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



On the remote client (the one doing the SSH) I have:

#   StrictHostKeyChecking ask

so it's commented out.


Michael H. Warfield wrote:
| On Fri, 2008-05-16 at 13:04 -0600, Robert L. Harris wrote:
|
|> I just upgraded SSH on two hosts due to the security vulnerability.  The
|> remote machine is Debian Woody running openssh-client 4.3p2-9, server is
|> the same level.  One of the two local machines is ubuntu gutsy running
|> 1:4.6p1-5ubuntu0.5 for both client and server.  The other local machine
|> is debian sarge running: 3.8.1p1-8.sarg.
|
|> When i ssh from the remote machine to local I get:
|
|> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
|> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
|> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
|> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
|> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
|> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
|> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
|> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
|> debug2: no key of type 0 for host harvard
|> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts2
|> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
|> debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
|> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
|> debug2: no key of type 2 for host harvard
|> Host key verification failed.
|
|> ~  I get the same message no matter which local machine I'm sshing to.  I
|> have a debian lenny box with which can connect successfully to both
|> local hosts.  I have removed /home/robert/.ssh/known_hosts on the
|> remote machine and I still get that entry.
|
|> ~  Anyone have any ideas?
|
|     Do you have StrictHostKeyChecking set to "yes" or "ask".  It's acting
| like it's set to "yes" at which time it won't ask you to add the key,
| it'll simple refuse to work if it doesn't have a host key for that host.
|
|> - --
|>
|> :wq!
|> -
|> 
---------------------------------------------------------------------------
|> Robert L. Harris                     | GPG Key ID: E344DA3B
|> ~                                         @ x-hkp://pgp.mit.edu
|> DISCLAIMER:
|> ~      These are MY OPINIONS             With Dreams To Be A King,
|> ~       ALONE.  I speak for              First One Should Be A Man
|> ~       no-one else.                       - Manowar
|
|     Mike
|
| -------------------------
|
| _______________________________________________
| Ale mailing list
| Ale at ale.org
| http://mail.ale.org/mailman/listinfo/ale

- --

:wq!
- 
---------------------------------------------------------------------------
Robert L. Harris                     | GPG Key ID: E344DA3B
~                                         @ x-hkp://pgp.mit.edu
DISCLAIMER:
~      These are MY OPINIONS             With Dreams To Be A King,
~       ALONE.  I speak for              First One Should Be A Man
~       no-one else.                       - Manowar

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (Darwin)

iD8DBQFILerP8+1vMONE2jsRAvMMAJ9GMVfipsdk4RxXotqXMLybIk9H6ACg3bIl
KRjvfY4s6EHu/F4TNo1p/Aw=
=eeZ6
-----END PGP SIGNATURE-----

More information about the Ale mailing list