Yeah, we deleted the old keys out of the /root/.ssh/known_hosts file on the client side. Did that several times, actually.
On Thu, Oct 3, 2013 at 9:20 AM, Csaba Toth <csaba.toth...@gmail.com> wrote: > The SSH keys on the _client_ side got deleted properly? > You know when you first connect to a host you accept it's public key, and > it is stored on client side. This is to avoid such fraud that someone swaps > out a machine with another one. The two machines won't have the same > keypair. I have a feeling that this prevention mechanism kicks in? > What's the exact error message? > > Csaba > > > On Wed, Oct 2, 2013 at 11:15 PM, Tilghman Lesher <tilgh...@meg.abyt.es>wrote: > >> I would suggest adding "-vvv" to your ssh command. The debugging >> information will generally show you where the error lies. If that >> doesn't get it, you can also change the LogLevel in >> /etc/ssh/sshd_config from INFO (default) to DEBUG, restart sshd, and >> look at your system logs. >> >> On Wed, Oct 2, 2013 at 5:05 PM, Curt Lundgren <verif...@gmail.com> wrote: >> > I regenerated the server SSH keys, which are separate from the root >> user SSH >> > keys: >> > >> > ssh_host_dsa_key >> > ssh_host_key >> > ssh_host_rsa_key >> > >> > >> > >> > On Wed, Oct 2, 2013 at 5:02 PM, Chris McQuistion < >> cmcquist...@watkins.edu> >> > wrote: >> >> >> >> Curt, did you run "ssh-keygen -t rsa" to generate the RSA key on this >> new >> >> server? Did you include a passphrase when it ran? >> >> >> >> >> >> On Wed, Oct 2, 2013 at 4:48 PM, Curt Lundgren <verif...@gmail.com> >> wrote: >> >>> >> >>> Thanks, Dave. I can reboot one of the clients in the morning, perhaps >> >>> that will clear up the issue. >> >>> >> >>> Curt >> >>> >> >>> >> >>> On Wed, Oct 2, 2013 at 4:45 PM, Dave Manginelli >> >>> <dave.mangine...@gmail.com> wrote: >> >>>> >> >>>> I'm at a client's site so I can't test this or be more specific but >> this >> >>>> sounds to me like the host key of the "old" machine is cached in the >> client >> >>>> and it does not match the host key of the machine now residing at >> that IP. >> >>>> You can test this by using the HostKeyAlias parameter when you >> connect from >> >>>> the client and setting it to any arbitrary name NOT in actual use on >> your >> >>>> network. It should ask you if you accept the new host key and then >> connect >> >>>> automatically after that as long as the same HostKeyAlias is >> supplied. You >> >>>> can fix it by clearing the key for that IP address on the client but >> I don't >> >>>> remember where it's located and am not able to pursue it right now. >> >>>> >> >>>> Maybe this will point you in the right direction... >> >>>> >> >>>> >> >>>> >> >>>> On Wed, Oct 2, 2013 at 4:22 PM, Curt Lundgren <verif...@gmail.com> >> >>>> wrote: >> >>>>> >> >>>>> I've just built a couple of CentOS 6.4 machines, and need to use a >> >>>>> no-password RSA key login to root. No flames please about logging >> in as >> >>>>> root. >> >>>>> >> >>>>> Had it working on both machines, but when I changed the "main" IP >> >>>>> address so the new machine could take over for an ailing one, the >> login >> >>>>> capability was lost. I can do a password login, but not with the >> RSA key. >> >>>>> >> >>>>> Thought it might be the server SSH keys, as though they're somehow >> tied >> >>>>> to IP addresses, so I regenerated them. No joy. I've tried >> logging in from >> >>>>> a couple of different boxes (Linux and Mac), still no joy. >> >>>>> >> >>>>> The other server got built, got its "main" IP address changed, and >> is >> >>>>> working just fine. I did a diff between sshd_config on both >> machines; the >> >>>>> files are identical. >> >>>>> >> >>>>> I'm scratching my head and it's starting to hurt. Any ideas? (I >> know, >> >>>>> stop scratching.) >> >>>>> >> >>>>> Curt >> >>>>> >> >>>>> -- >> >>>>> -- >> >>>>> You received this message because you are subscribed to the Google >> >>>>> Groups "NLUG" group. >> >>>>> To post to this group, send email to nlug-talk@googlegroups.com >> >>>>> To unsubscribe from this group, send email to >> >>>>> nlug-talk+unsubscr...@googlegroups.com >> >>>>> For more options, visit this group at >> >>>>> http://groups.google.com/group/nlug-talk?hl=en >> >>>>> >> >>>>> --- >> >>>>> You received this message because you are subscribed to the Google >> >>>>> Groups "NLUG" group. >> >>>>> To unsubscribe from this group and stop receiving emails from it, >> send >> >>>>> an email to nlug-talk+unsubscr...@googlegroups.com. >> >>>>> For more options, visit https://groups.google.com/groups/opt_out. >> >>>> >> >>>> >> >>>> -- >> >>>> -- >> >>>> You received this message because you are subscribed to the Google >> >>>> Groups "NLUG" group. >> >>>> To post to this group, send email to nlug-talk@googlegroups.com >> >>>> To unsubscribe from this group, send email to >> >>>> nlug-talk+unsubscr...@googlegroups.com >> >>>> For more options, visit this group at >> >>>> http://groups.google.com/group/nlug-talk?hl=en >> >>>> >> >>>> --- >> >>>> You received this message because you are subscribed to the Google >> >>>> Groups "NLUG" group. >> >>>> To unsubscribe from this group and stop receiving emails from it, >> send >> >>>> an email to nlug-talk+unsubscr...@googlegroups.com. >> >>>> For more options, visit https://groups.google.com/groups/opt_out. >> >>> >> >>> >> >>> -- >> >>> -- >> >>> You received this message because you are subscribed to the Google >> Groups >> >>> "NLUG" group. >> >>> To post to this group, send email to nlug-talk@googlegroups.com >> >>> To unsubscribe from this group, send email to >> >>> nlug-talk+unsubscr...@googlegroups.com >> >>> For more options, visit this group at >> >>> http://groups.google.com/group/nlug-talk?hl=en >> >>> >> >>> --- >> >>> You received this message because you are subscribed to the Google >> Groups >> >>> "NLUG" group. >> >>> To unsubscribe from this group and stop receiving emails from it, >> send an >> >>> email to nlug-talk+unsubscr...@googlegroups.com. >> >>> For more options, visit https://groups.google.com/groups/opt_out. >> >> >> >> >> >> -- >> >> -- >> >> You received this message because you are subscribed to the Google >> Groups >> >> "NLUG" group. >> >> To post to this group, send email to nlug-talk@googlegroups.com >> >> To unsubscribe from this group, send email to >> >> nlug-talk+unsubscr...@googlegroups.com >> >> For more options, visit this group at >> >> http://groups.google.com/group/nlug-talk?hl=en >> >> >> >> --- >> >> You received this message because you are subscribed to the Google >> Groups >> >> "NLUG" group. >> >> To unsubscribe from this group and stop receiving emails from it, send >> an >> >> email to nlug-talk+unsubscr...@googlegroups.com. >> >> For more options, visit https://groups.google.com/groups/opt_out. >> > >> > >> > -- >> > -- >> > You received this message because you are subscribed to the Google >> Groups >> > "NLUG" group. >> > To post to this group, send email to nlug-talk@googlegroups.com >> > To unsubscribe from this group, send email to >> > nlug-talk+unsubscr...@googlegroups.com >> > For more options, visit this group at >> > http://groups.google.com/group/nlug-talk?hl=en >> > >> > --- >> > You received this message because you are subscribed to the Google >> Groups >> > "NLUG" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to nlug-talk+unsubscr...@googlegroups.com. >> > For more options, visit https://groups.google.com/groups/opt_out. >> >> -- >> -- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To post to this group, send email to nlug-talk@googlegroups.com >> To unsubscribe from this group, send email to >> nlug-talk+unsubscr...@googlegroups.com >> For more options, visit this group at >> http://groups.google.com/group/nlug-talk?hl=en >> >> --- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to nlug-talk+unsubscr...@googlegroups.com. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to nlug-talk@googlegroups.com > To unsubscribe from this group, send email to > nlug-talk+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to nlug-talk+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to nlug-talk@googlegroups.com To unsubscribe from this group, send email to nlug-talk+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.