On Sun, Jan 25, 2009 at 06:50:22PM -0800, Matthew Dillon wrote: > I think YONETANI reported this a few months ago, but it just started > happening to me when I upgraded pkgbox. > > Something is ignoring the host DSA key when a host RSA key is presenting, > causing a mismatch with a pre-existing known_hosts file. > > If I were to say 'yes', then RSA host key would be recorded in my > known_hosts file. > > If I remove the RSA host key file on the server and restart sshd, then > the client properly negotiates using the DSA host key. > > Anyone have any ideas? > > -Matt
Seems like the import of openssh-5.1 reverted the order of the default hostkey algorithm proposal, which has been part of FreeBSD-local preferences for many years: diff --git a/crypto/openssh-5/myproposal.h b/crypto/openssh-5/myproposal.h index 8bdad7b..87a9e58 100644 --- a/crypto/openssh-5/myproposal.h +++ b/crypto/openssh-5/myproposal.h @@ -40,7 +40,7 @@ "diffie-hellman-group1-sha1" #endif -#define KEX_DEFAULT_PK_ALG "ssh-dss,ssh-rsa" +#define KEX_DEFAULT_PK_ALG "ssh-rsa,ssh-dss" #define KEX_DEFAULT_ENCRYPT \ "aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc," \ "arcfour128,arcfour256,arcfour," \ Note that FreeBSD also got rid of this local change about a month earlier than we did: http://docs.freebsd.org/cgi/mid.cgi?200808010253.m712raNF004286 So the quick workaround(if you still prefer DSA over RSA) is to add the following in /etc/ssh_config on ssh clients HostKeyAlgorithms ssh-dsa,ssh-rsa or to make it per-user, add the following two lines in ~/.ssh/config Host foo # or use * if you want to apply any hosts HostKeyAlgorithms ssh-dsa,ssh-rsa Cheers.