I upgraded to 4.9 stable from 4.9 release and now have difficulty connecting via ssh to hosts. The error I get is: key_verify failed for server_host_key If I modify the sshd_config for the server I am connecting to and change to the following, it works: Protocol 2 # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key ssh verbose dump: [EMAIL PROTECTED] daren]$ssh -v puff OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c-p1 30 Sep 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to puff [x.x.x.x] port 22. debug1: Connection established. debug1: identity file /home/daren/.ssh/identity type -1 debug1: identity file /home/daren/.ssh/id_rsa type 1 debug1: identity file /home/daren/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1 Free BSD-20030924 debug1: match: OpenSSH_3.5p1 FreeBSD-20030924 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.8p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host 'puff' is known and matches the DSA host key. debug1: Found key in /home/daren/.ssh/known_hosts:8 debug1: ssh_dss_verify: signature incorrect key_verify failed for server_host_key [EMAIL PROTECTED] daren]$
I did try removing the known_hosts entry, but it had no effect: [EMAIL PROTECTED] .ssh]$mv known_hosts known_hosts.bak [EMAIL PROTECTED] .ssh]$ssh -v puff OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c-p1 30 Sep 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Connecting to puff [x.x.x.x] port 22. debug1: Connection established. debug1: identity file /home/daren/.ssh/identity type -1 debug1: identity file /home/daren/.ssh/id_rsa type 1 debug1: identity file /home/daren/.ssh/id_dsa type -1 debug1: Remote protocol version 1.99, remote software version OpenSSH_3.5p1 Free BSD-20030924 debug1: match: OpenSSH_3.5p1 FreeBSD-20030924 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.8p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-cbc hmac-md5 none debug1: kex: client->server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY The authenticity of host 'puff (x.x.x.x)' can't be established. DSA key fingerprint is f0:b5:90:fd:92:0d:4a:b6:87:13:45:63:72:a1:49:aa. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'puff,x.x.x.x' (DSA) to the list of known hosts. debug1: ssh_dss_verify: signature incorrect key_verify failed for server_host_key [EMAIL PROTECTED] .ssh]$ _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-stable To unsubscribe, send any mail to "[EMAIL PROTECTED]"
