[Bug 3615] Host Based Authentication is failing
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Thu Sep 21 19:20:05 AEST 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3615
--- Comment #9 from Darren Tucker <dtucker at dtucker.net> ---
(In reply to Richard Kreutzer from comment #6)
> As you can see from the attachment, the system wide server
> "ssh_known_hosts" file "/etc/ssh/ssh_known_hosts" contains:
[...]
> I.e., with "root at basement-gentoo.krautclan.com" instead of just
> "root at basement-gentoo"?
No, the hostname is at the start of the line and yours are missing, so:
basement-gentoo.krautclan.com ssh-rsa
AAAAB3NzaC1yc2EAAAADAQABAAABgQCfedQjNbC4......yxew4wj8afDkuQHS8AtZ8=
root at basement-gentoo.krautclan.com
from sshd(8): SSH_KNOWN_HOSTS FILE FORMAT section:
Each line in these files contains the following fields: marker
(optional), hostnames, key‐
type, base64-encoded key, comment. The fields are separated by
spaces.
> I always thought that these were just comments
The parts at the end are comments.
> Attached is the new server side debug output, and it contains the
> same "Failed" message. I must be misunderstanding something about
> what you are saying. Would it be safe to post here my public keys
> from the client (e.g., /etc/ssh/ssh_host_ed25519_key.pub) and my
> /etc/ssh/ssh_known_hosts file from the server?
It should be safe since they're public keys, I wouldn't unless you need
to and you don't need to.
> Those are the files involved, right?
Yes. You would need to add the hostname before the contents of the
.pub file then put it in known_hosts.
--
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.
More information about the openssh-bugs
mailing list