[Bug 3615] Host Based Authentication is failing

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Sep 21 17:56:50 AEST 2023


https://bugzilla.mindrot.org/show_bug.cgi?id=3615

--- Comment #6 from Richard Kreutzer <tunerooster at gmail.com> ---
As you can see from the attachment, the system wide server
"ssh_known_hosts" file "/etc/ssh/ssh_known_hosts" contains:

ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAy......XS3md3R0NHMLQWw31fNw4w+yrp9QnZ9Q=
root at basement-gentoo
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFcXDLipuVO......aWlJ6xQJhC
root at basement-gentoo
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABgQCfedQjNbC4......yxew4wj8afDkuQHS8AtZ8=
root at basement-gentoo

Are you saying it should be:

ecdsa-sha2-nistp256
AAAAE2VjZHNhLXNoYTItbmlzdHAy......XS3md3R0NHMLQWw31fNw4w+yrp9QnZ9Q=
root at basement-gentoo.krautclan.com
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIKFcXDLipuVO......aWlJ6xQJhC
root at basement-gentoo.krautclan.com
ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABgQCfedQjNbC4......yxew4wj8afDkuQHS8AtZ8=
root at basement-gentoo.krautclan.com

I.e., with "root at basement-gentoo.krautclan.com" instead of just
"root at basement-gentoo"?

I always thought that these were just comments so one would know where
they came from.  In any case I changed ssh_know_hosts on the server
with the added domain name.  Now when I run: "ssh -vvv -o
PreferredAuthentications=hostbased gemini pwd" I just get: "rwk at gemini:
Permission denied (publickey,password,hostbased)."

Attached is the new server side debug output, and it contains the same
"Failed" message.  I must be misunderstanding something about what you
are saying.  Would it be safe to post here my public keys from the
client (e.g., /etc/ssh/ssh_host_ed25519_key.pub) and my
/etc/ssh/ssh_known_hosts file from the server?  Those are the files
involved, right?

-- 
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list