Manual Page for ssh_config

Dirk GOUDERS gouders at 'et.bocholt.fh-ge.de'
Sat May 10 00:26:50 EST 2003 

 > Sorry, but I cannot understand where is problem and I cannot test with 
 > too old server version (insufficient time).

Thanks for your reply and sorry for the prior use of an out of date
version.

I did some more testing and on a GNU/Linux system, I installed a newer
OpenSSH version (the same as on my FreeBSD system) and noticed that
the two systems behave different with identical configuration files.

On both machines, I have no key for localhost in the file
~/.ssh/known_hosts.
On the GNU/Linux system, if I try to connect to localhost, the RSA key
fingerprint is printed and I get asked if I am sure that I want to
connect, but on the FreeBSD machine the DSA key fingerprint is
printed before the question.

Well, with identical OpenSSH versions and configuration files
(sshd_config as well as ssh_config), I am wondering what it is that
could cause the two systems to behave differently...

I attach the console outputs from both machines:

GNU/LINUX:
------------------------------------------------------------------------
OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f
debug1: Reading configuration data /usr/etc/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file ~/.ssh/identity type -1
debug1: identity file ~/.ssh/id_rsa type -1
debug1: identity file ~/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.5p1
debug1: match: OpenSSH_3.5p1 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 140/256
debug1: bits set: 1043/2049
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is d9:eb:e9:c6:10:cb:59:93:87:c8:f0:42:d4:b9:9b:77.
Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.
debug1: Calling cleanup 0x8065650(0x0)
------------------------------------------------------------------------
FreeBSD:
------------------------------------------------------------------------
OpenSSH_3.5p1 FreeBSD-20030201, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Rhosts Authentication disabled, originating port will not be trusted.
debug1: ssh_connect: needpriv 0
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: identity file ~/.ssh/identity type -1
debug1: identity file ~/.ssh/id_rsa type -1
debug1: identity file ~/.ssh/id_dsa type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_3.5p1 FreeBSD-20030201
debug1: match: OpenSSH_3.5p1 FreeBSD-20030201 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.5p1 FreeBSD-20030201
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 121/256
debug1: bits set: 1570/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'localhost (127.0.0.1)' can't be established.
DSA key fingerprint is 4f:a4:6a:63:0b:f0:7f:de:0b:02:9e:5a:2a:81:b0:c8.
Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.
debug1: Calling cleanup 0x804c158(0x0)
------------------------------------------------------------------------

More information about the openssh-unix-dev mailing list