On 02/24/2011 08:53 AM, Mick wrote: > On 24 February 2011 13:17, dhk <dhk...@optonline.net> wrote: >> On 02/23/2011 03:42 AM, Joost Roeleveld wrote: >>> On Tuesday 22 February 2011 14:51:31 Mick wrote: >>>> On 22 February 2011 14:19, <dhk...@optonline.net> wrote: >>>>> ----- Original Message ----- >>>>> From: Mick >>>>> >>>>>> There was a change in the default ssh encryption algorithm. You may >>>>>> want to check if that is causing the problem. >>>>> >>>>> How would I do that? >>>> >>>> By examining your config files? Previously your keys would be in >>>> ~/.ssh/id_dsa[rsa].pub, but now with ECDSA being the default they >>>> would be in ~/.ssh/id_ecdsa.pub >>>> >>>> I recall something being mentioned in the elog asking to regenerate >>>> the key-pair. >>>> >>>> HTH. >>> >>> If this is the case, you could try speciying your key on the command-line >>> using the "-i" flag: >>> >>> # ssh -i .ssh/id_dsa.pub <host....> >>> >>> Replace the file with the one on your machine. >>> >>> HTH, >>> >>> Joost >>> >>> >> >> I still haven't gotten this to work. Am I the only one using this? The >> "ssh -i .ssh/id_dsa.pub host" didn't work. I get a message "Read from >> socket failed: Connection reset by peer" with or without the -i option. >> >> When I re-emerged openssh the following output is displayed. >> >> # emerge openssh >> Calculating dependencies... done! >>>>> Verifying ebuild manifests >>>>> Emerging (1 of 1) net-misc/openssh-5.8_p1-r1 >>>>> Installing (1 of 1) net-misc/openssh-5.8_p1-r1 >>>>> Jobs: 1 of 1 complete Load avg: 2.80, >> 1.95, 1.43 >> >> * Messages for package net-misc/openssh-5.8_p1-r1: >> >> * Starting with openssh-5.8p1, the server will default to a newer key >> * algorithm (ECDSA). You are encouraged to manually update your stored >> * keys list as servers update theirs. See ssh-keyscan(1) for more info. >> * Remember to merge your config files in /etc/ssh/ and then >> * reload sshd: '/etc/init.d/sshd reload'. >> * Please be aware users need a valid shell in /etc/passwd >> * in order to be allowed to login. >>>>> Auto-cleaning packages... >> >>>>> No outdated packages were found on your system. >> >> * GNU info directory index is up-to-date. >> >> The ssh-keyscan man page hasn't helped. >> >> As of now I can only log in from older systems. > > This would imply that your older (rsa/dsa) server keys still work. > > What have you changed on your Gentoo client? > > Have you tried using ssh user@host to login with?
At first all I did was an update: emerge -uDN world . They when it didn't work I removed all public and private keys and restarted sshd. That didn't work then I tried the ssh-keygen and ssh-keyscan. That didn't work so I removed all keys again and restarted sshd. Are there ssh_config or sshd_config options that should be set? Thanks, dhk
