On 24 February 2011 13:17, dhk <dhk...@optonline.net> wrote: > On 02/23/2011 03:42 AM, Joost Roeleveld wrote: >> On Tuesday 22 February 2011 14:51:31 Mick wrote: >>> On 22 February 2011 14:19, <dhk...@optonline.net> wrote: >>>> ----- Original Message ----- >>>> From: Mick >>>> >>>>> There was a change in the default ssh encryption algorithm. You may >>>>> want to check if that is causing the problem. >>>> >>>> How would I do that? >>> >>> By examining your config files? Previously your keys would be in >>> ~/.ssh/id_dsa[rsa].pub, but now with ECDSA being the default they >>> would be in ~/.ssh/id_ecdsa.pub >>> >>> I recall something being mentioned in the elog asking to regenerate >>> the key-pair. >>> >>> HTH. >> >> If this is the case, you could try speciying your key on the command-line >> using the "-i" flag: >> >> # ssh -i .ssh/id_dsa.pub <host....> >> >> Replace the file with the one on your machine. >> >> HTH, >> >> Joost >> >> > > I still haven't gotten this to work. Am I the only one using this? The > "ssh -i .ssh/id_dsa.pub host" didn't work. I get a message "Read from > socket failed: Connection reset by peer" with or without the -i option. > > When I re-emerged openssh the following output is displayed. > > # emerge openssh > Calculating dependencies... done! >>>> Verifying ebuild manifests >>>> Emerging (1 of 1) net-misc/openssh-5.8_p1-r1 >>>> Installing (1 of 1) net-misc/openssh-5.8_p1-r1 >>>> Jobs: 1 of 1 complete Load avg: 2.80, > 1.95, 1.43 > > * Messages for package net-misc/openssh-5.8_p1-r1: > > * Starting with openssh-5.8p1, the server will default to a newer key > * algorithm (ECDSA). You are encouraged to manually update your stored > * keys list as servers update theirs. See ssh-keyscan(1) for more info. > * Remember to merge your config files in /etc/ssh/ and then > * reload sshd: '/etc/init.d/sshd reload'. > * Please be aware users need a valid shell in /etc/passwd > * in order to be allowed to login. >>>> Auto-cleaning packages... > >>>> No outdated packages were found on your system. > > * GNU info directory index is up-to-date. > > The ssh-keyscan man page hasn't helped. > > As of now I can only log in from older systems.
This would imply that your older (rsa/dsa) server keys still work. What have you changed on your Gentoo client? Have you tried using ssh user@host to login with? -- Regards, Mick
