Manual Page for ssh_config
Roumen Petrov
openssh at roumenpetrov.info
Wed May 7 23:27:11 EST 2003
Hi Dirk,
Please find answers in quoted text.
Dirk Gouders wrote:
>Hello,
>
>I am using OpenSSH on a FreeBSD box
>(OpenSSH_3.5p1 FreeBSD-20030201, SSH protocols 1.5/2.0, OpenSSL 0x0090701f)
>and I noticed that the manual page for ssh_config probably needs to be
>fixed. The manual page says that the default value for the parameter
>HostKeyAlgorithms is "ssh-rsa,ssh-dss" but that seems to be wrong,
>
definitely NO
>because ssh only uses RSA-Keys in my .ssh/known_hosts if I
>explicitly set the parameter with "ssh-rsa,ssh-dss". If the
>
Please check closely:
1. command-line options
2. user's configuration file ($HOME/.ssh/config)
3. system-wide configuration file (usually /etc/ssh/ssh_config)
>parameter remains commented out, ssh doesn't use the already known
>RSA key:
>
Are you sure ?
>WARNING: RSA key found for host somehost.myorg
>in /home/somebody/.ssh/known_hosts:1
>RSA key fingerprint d9:ea:ea:c6:10:ab:59:92:87:c9:f0:40:d4:b7:9b:77.
>The authenticity of host 'somehost.myorg (192.168.0.22)' can't be established,
>but keys of different type are already known for this host.
>DSA key fingerprint is 14:cc:25:36:17:77:a9:e2:40:84:5a:03:b7:b1:08:5f.
>Are you sure you want to continue connecting (yes/no)? no
>
Just write "yes" and see what happen at next session.
>Host key verification failed
>
>[SNIP]
>
I think that your server was started only (!) with DSS key, after this a
RSA key is added and restarted or at first session to "somehost.myorg"
HostKeyAlgorithms was "ssh-dss,ssh-rsa".
--
Get X.509 certificate support in OpenSSH:
http://roumenpetrov.info/openssh
More information about the openssh-unix-dev
mailing list