host_key and fingerprint problem with protocol 2
Stephan Hendl
Stephan.Hendl at lds.brandenburg.de
Fri Sep 20 23:11:30 EST 2002
Hi all,
I just want to upgrade from protocol 1.5 to 1.99 and 2.0, respectively, and have run into the following problems:
The situation is the following:
I have a client ("c") inside the firewall and two servers outside ("a" and "b"). The firewall accepts connections on two ports (22136 and 22137) and directs the connections directly to port 22 of the two servers "a" and "b". The command I have to type in is
ssh -p 22136 root@firewall
as well as
ssh -p 22137 root@firewall
and the first one connects me to the server "a" whereas the second one connects me to server "b". The two servers have identical host keys for the rsa1, rsa and dsa cases. With protocol 1.5 the client learned the host_key and everything worked fine, which means I can connect to "a" and "b" and the client doesn't tell me anything about a "man in the middle...".
With the lines
ssh -2 -p 22136 root@firewall
as well as
ssh -2 -p 22137 root@firewall
the client doesn't recognise that the host_keys are identical and says every time that there can be a "man in the middle...".
Does anybody have a solution?
Regards
Stephan
--
LDS Brandenburg
Dr. Stephan Hendl
fon: +49-(0)331-39 471
fax: +49-(0)331-27548 1187
EMail: stephan.hendl at lds.brandenburg.de