[Bug 666] 'BatchMode yes' makes ssh(1) look for /usr/local/etc/ssh_known_hosts

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Thu Sep 18 05:32:37 EST 2003


http://bugzilla.mindrot.org/show_bug.cgi?id=666

           Summary: 'BatchMode yes' makes ssh(1) look for
                    /usr/local/etc/ssh_known_hosts
           Product: Portable OpenSSH
           Version: 3.7.1p1
          Platform: Alpha
        OS/Version: OSF/1
            Status: NEW
          Severity: critical
          Priority: P2
         Component: sshd
        AssignedTo: openssh-bugs at mindrot.org
        ReportedBy: mmokrejs at natur.cuni.cz


When there's no /usr/local/etc/ssh_known_hosts and ssh_config says: "BatchMode
yes", the clients get:

$ ssh bontebok
Host key verification failed.
$


When the file is present with the public key of target machine, user receives:

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/users/mokrejs/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /usr/local/etc/ssh_known_hosts
debug3: check_host_in_hostfile: match line 1
debug3: check_host_in_hostfile: filename /home/users/mokrejs/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /usr/local/etc/ssh_known_hosts
debug3: check_host_in_hostfile: match line 1
debug1: Host 'bontebok' is known and matches the RSA host key.
debug1: Found key in /usr/local/etc/ssh_known_hosts:1
debug2: bits set: 1627/3191
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /home/users/mokrejs/.ssh/identity (0)
debug2: key: /home/users/mokrejs/.ssh/id_rsa (0)
debug2: key: /home/users/mokrejs/.ssh/id_dsa (0)
debug1: Authentications that can continue: publickey,password,keyboard-interactive
debug3: start over, passed a different list publickey,password,keyboard-interactive
debug3: preferred gssapi,publickey
debug3: authmethod_lookup publickey
debug3: remaining preferred: ,publickey
debug3: authmethod_is_enabled publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/users/mokrejs/.ssh/identity
debug3: no such identity: /home/users/mokrejs/.ssh/identity
debug1: Trying private key: /home/users/mokrejs/.ssh/id_rsa
debug3: no such identity: /home/users/mokrejs/.ssh/id_rsa
debug1: Trying private key: /home/users/mokrejs/.ssh/id_dsa
debug3: no such identity: /home/users/mokrejs/.ssh/id_dsa
debug2: we did not send a packet, disable method
debug1: No more authentication methods to try.
Permission denied (publickey,password,keyboard-interactive).
debug1: Calling cleanup 0x1200708e0(0x0)



If the key in /usr/local/etc/ssh_known_hosts is wrong, it ssh(1) should say so.



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list