SSH v2 known-hosts problem.
Berend De Schouwer
bds at jhb.ucs.co.za
Fri May 19 06:21:56 EST 2000
On 18 May, Markus Friedl wrote:
> could you please send me the public key? (and the private key if
> you want to generate a new host key)
Okay, here they are. The server's key was regenerated, and the
machines are not reachable over the Internet anyway. I hope people
will forgive the attachments: they are tiny.
I'd like to point out that it works fine with the new public/private
key. The file looks identical in format and size - but of course a
different key.
> On Thu, May 18, 2000 at 05:04:34PM +0200, Berend De Schouwer wrote:
>> When I connect from machine A to machine B, using ssh protocol 2, both
>> running openssh2.1.0, there is a problem with comparing server DSA
>> public keys to ~/.ssh/known_hosts2.
>>
>> The first time, it says
>> The authenticity of host 'B' can't be established.
>> DSA key fingerprint is blah-blah-blah
>> Are you sure you want to continue connecting (yes/no)?
>>
>> If I type 'yes', it gets added to ~/.ssh/known_hosts2.
>> (as it should). An entry gets added like:
>> B,1.2.3.4 ssh-dss blah-blah-blah
>>
>> However, if I disconnect and connect again, it still says:
>> The authenticity of host 'B' can't be established.
>> DSA key fingerprint is blah-blah-blah
>> Are you sure you want to continue connecting (yes/no)?
>>
>> If I say yes, it creates an identical second line to
>> ~/.ssh/known_hosts2. Somewhere a comparison isn't working.
>>
>> An strace indicates that the ssh client indeed reads
>> ~/.ssh/known-hosts2. The entry looks like the system B
>> ssh_host_dsa_key.pub, so I assume the server is sending its DSA key.
>>
>>
>> --
>> Kind regards,
>> Berend
>>
>> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
>> Berend De Schouwer, +27-11-712-1435, UCS
>>
>>
--
Kind regards,
Berend
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Berend De Schouwer, +27-11-712-1435, UCS
-------------- next part --------------
-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQDJiDcknrjQeAz5/S8oN3QLeUhieas9Bdgr2nQSzSsgIOs4PeKb
mk74yC67v7JE9SgO+8ZjEnOoTUpmUTWgxPmTSMfdFZW5s/ct5cHNk1xGZrDx/yQo
2OvhUcFkQNqgEaUu72Ie2A+y+LTWxmhJjpop10BI3UW+T0mHQkHJKDSUzQIVAODP
IYSWVZat4+SmN8iRpnWPUSzjAoGBAKL+1z0Hrlzlo9wB1f0uRJNPg64QLiXlLTG0
zBNhnFPeKGmTfdt8s2//c1IpngFyG7R5k846F3lppcGtzSpBl+27ewjb6cHsmgAr
c2gfY8UMSBP2ID9crmIBVqiPugJ0RUUNAl1ADZDcP9EDVq9kVOyx6i6OpOTeMNcs
gMrja/p9AoGBAIvFevrxHnKULU4H5UilolEqbusP1rEsKW+M+bSqqm9I88Hc2cMp
JlaP5b/5zLd8s9FmmnWJv4NR9DTa1cySeKlzmmSjwhxgQEzRLGVp5i2B3D2NMq+G
onk+LKFp4IdL6ODefLTBkRGIiiP8BXWs42TJbTcWiHhL3u1240f0bHB/AhQc8anw
VPZRIhdCVNglSGHy8RHz2A==
-----END DSA PRIVATE KEY-----
-------------- next part --------------
ssh-dss AAAAB3NzaC1kc3MAAACBAMmINySeuNB4DPn9Lyg3dAt5SGJ5qz0F2CvadBLNKyAg6zg94puaTvjILru/skT1KA77xmMSc6hNSmZRNaDE+ZNIx90Vlbmz9y3lwc2TXEZmsPH/JCjY6+FRwWRA2qARpS7vYh7YD7L4tNbGaEmOminXQEjdRb5PSYdCQckoNJTNAAAAFQDgzyGEllWWrePkpjfIkaZ1j1Es4wAAAIEAov7XPQeuXOWj3AHV/S5Ek0+DrhAuJeUtMbTME2GcU94oaZN923yzb/9zUimeAXIbtHmTzjoXeWmlwa3NKkGX7bt7CNvpweyaACtzaB9jxQxIE/YgP1yuYgFWqI+6AnRFRQ0CXUANkNw/0QNWr2RU7LHqLo6k5N4w1yyAyuNr+n0AAACBAIvFevrxHnKULU4H5UilolEqbusP1rEsKW+M+bSqqm9I88Hc2cMpJlaP5b/5zLd8s9FmmnWJv4NR9DTa1cySeKlzmmSjwhxgQEzRLGVp5i2B3D2NMq+Gonk+LKFp4IdL6ODefLTBkRGIiiP8BXWs42TJbTcWiHhL3u1240f0bHB/ root at javasrv.ucs.co.za
-------------- next part --------------
javasrv.ucs.co.za,172.31.1.217 ssh-dss AAAAB3NzaC1kc3MAAACBAMmINySeuNB4DPn9Lyg3dAt5SGJ5qz0F2CvadBLNKyAg6zg94puaTvjILru/skT1KA77xmMSc6hNSmZRNaDE+ZNIx90Vlbmz9y3lwc2TXEZmsPH/JCjY6+FRwWRA2qARpS7vYh7YD7L4tNbGaEmOminXQEjdRb5PSYdCQckoNJTNAAAAFQDgzyGEllWWrePkpjfIkaZ1j1Es4wAAAIEAov7XPQeuXOWj3AHV/S5Ek0+DrhAuJeUtMbTME2GcU94oaZN923yzb/9zUimeAXIbtHmTzjoXeWmlwa3NKkGX7bt7CNvpweyaACtzaB9jxQxIE/YgP1yuYgFWqI+6AnRFRQ0CXUANkNw/0QNWr2RU7LHqLo6k5N4w1yyAyuNr+n0AAACBAIvFevrxHnKULU4H5UilolEqbusP1rEsKW+M+bSqqm9I88Hc2cMpJlaP5b/5zLd8s9FmmnWJv4NR9DTa1cySeKlzmmSjwhxgQEzRLGVp5i2B3D2NMq+Gonk+LKFp4IdL6ODefLTBkRGIiiP8BXWs42TJbTcWiHhL3u1240f0bHB/
javasrv.ucs.co.za,172.31.1.217 ssh-dss AAAAB3NzaC1kc3MAAACBAMmINySeuNB4DPn9Lyg3dAt5SGJ5qz0F2CvadBLNKyAg6zg94puaTvjILru/skT1KA77xmMSc6hNSmZRNaDE+ZNIx90Vlbmz9y3lwc2TXEZmsPH/JCjY6+FRwWRA2qARpS7vYh7YD7L4tNbGaEmOminXQEjdRb5PSYdCQckoNJTNAAAAFQDgzyGEllWWrePkpjfIkaZ1j1Es4wAAAIEAov7XPQeuXOWj3AHV/S5Ek0+DrhAuJeUtMbTME2GcU94oaZN923yzb/9zUimeAXIbtHmTzjoXeWmlwa3NKkGX7bt7CNvpweyaACtzaB9jxQxIE/YgP1yuYgFWqI+6AnRFRQ0CXUANkNw/0QNWr2RU7LHqLo6k5N4w1yyAyuNr+n0AAACBAIvFevrxHnKULU4H5UilolEqbusP1rEsKW+M+bSqqm9I88Hc2cMpJlaP5b/5zLd8s9FmmnWJv4NR9DTa1cySeKlzmmSjwhxgQEzRLGVp5i2B3D2NMq+Gonk+LKFp4IdL6ODefLTBkRGIiiP8BXWs42TJbTcWiHhL3u1240f0bHB/
More information about the openssh-unix-dev
mailing list