host_key and fingerprint problem with protocol 2

Stephan Hendl Stephan.Hendl at lds.brandenburg.de
Fri Sep 20 23:11:30 EST 2002


Hi all,

I just want to upgrade from protocol 1.5 to 1.99 and 2.0, respectively, and have run into the following problems:

The situation is the following:

I have a client ("c") inside the firewall and two servers outside ("a" and "b"). The firewall accepts connections on two ports (22136 and 22137) and directs the connections directly to port 22 of the two servers "a" and "b". The command I have to type in is

ssh -p 22136 root@firewall

as well as

ssh -p 22137 root@firewall

and the first one connects me to the server "a" where the second one connects me to server "b". The two servers have identical host-keys for rsa1, rsa and dsa cases. With protocol 1.5 the client learned the host_key and everything worked fine, that means I can connect with "a" and "b" and the client doesn't tell me something from "man in the middle..."

With the lines

ssh -2 -p 22136 root@firewall

as well as

ssh -2 -p 22137 root@firewall

the client doesn't recognise that the host_keys are identical and says every time that there can be a "man in the middle..."

Does anybody have a solution?

Regards
Stephan



--
LDS Brandenburg
Dr. Stephan Hendl
fon: +49-(0)331-39 471
fax: +49-(0)331-27548 1187
EMail: stephan.hendl at lds.brandenburg.de





More information about the openssh-unix-dev mailing list