Maybe that's not the only place for storing known hosts keys. Is there any place in /etc/ or something?
What's the actual error message? On Thu, Oct 3, 2013 at 7:52 AM, Chris McQuistion <[email protected]>wrote: > Yeah, we deleted the old keys out of the /root/.ssh/known_hosts file on > the client side. Did that several times, actually. > > > On Thu, Oct 3, 2013 at 9:20 AM, Csaba Toth <[email protected]>wrote: > >> The SSH keys on the _client_ side got deleted properly? >> You know when you first connect to a host you accept it's public key, >> and it is stored on client side. This is to avoid such fraud that someone >> swaps out a machine with another one. The two machines won't have the same >> keypair. I have a feeling that this prevention mechanism kicks in? >> What's the exact error message? >> >> Csaba >> >> >> On Wed, Oct 2, 2013 at 11:15 PM, Tilghman Lesher <[email protected]>wrote: >> >>> I would suggest adding "-vvv" to your ssh command. The debugging >>> information will generally show you where the error lies. If that >>> doesn't get it, you can also change the LogLevel in >>> /etc/ssh/sshd_config from INFO (default) to DEBUG, restart sshd, and >>> look at your system logs. >>> >>> On Wed, Oct 2, 2013 at 5:05 PM, Curt Lundgren <[email protected]> >>> wrote: >>> > I regenerated the server SSH keys, which are separate from the root >>> user SSH >>> > keys: >>> > >>> > ssh_host_dsa_key >>> > ssh_host_key >>> > ssh_host_rsa_key >>> > >>> > >>> > >>> > On Wed, Oct 2, 2013 at 5:02 PM, Chris McQuistion < >>> [email protected]> >>> > wrote: >>> >> >>> >> Curt, did you run "ssh-keygen -t rsa" to generate the RSA key on this >>> new >>> >> server? Did you include a passphrase when it ran? >>> >> >>> >> >>> >> On Wed, Oct 2, 2013 at 4:48 PM, Curt Lundgren <[email protected]> >>> wrote: >>> >>> >>> >>> Thanks, Dave. I can reboot one of the clients in the morning, >>> perhaps >>> >>> that will clear up the issue. >>> >>> >>> >>> Curt >>> >>> >>> >>> >>> >>> On Wed, Oct 2, 2013 at 4:45 PM, Dave Manginelli >>> >>> <[email protected]> wrote: >>> >>>> >>> >>>> I'm at a client's site so I can't test this or be more specific but >>> this >>> >>>> sounds to me like the host key of the "old" machine is cached in >>> the client >>> >>>> and it does not match the host key of the machine now residing at >>> that IP. >>> >>>> You can test this by using the HostKeyAlias parameter when you >>> connect from >>> >>>> the client and setting it to any arbitrary name NOT in actual use >>> on your >>> >>>> network. It should ask you if you accept the new host key and then >>> connect >>> >>>> automatically after that as long as the same HostKeyAlias is >>> supplied. You >>> >>>> can fix it by clearing the key for that IP address on the client >>> but I don't >>> >>>> remember where it's located and am not able to pursue it right now. >>> >>>> >>> >>>> Maybe this will point you in the right direction... >>> >>>> >>> >>>> >>> >>>> >>> >>>> On Wed, Oct 2, 2013 at 4:22 PM, Curt Lundgren <[email protected]> >>> >>>> wrote: >>> >>>>> >>> >>>>> I've just built a couple of CentOS 6.4 machines, and need to use a >>> >>>>> no-password RSA key login to root. No flames please about logging >>> in as >>> >>>>> root. >>> >>>>> >>> >>>>> Had it working on both machines, but when I changed the "main" IP >>> >>>>> address so the new machine could take over for an ailing one, the >>> login >>> >>>>> capability was lost. I can do a password login, but not with the >>> RSA key. >>> >>>>> >>> >>>>> Thought it might be the server SSH keys, as though they're somehow >>> tied >>> >>>>> to IP addresses, so I regenerated them. No joy. I've tried >>> logging in from >>> >>>>> a couple of different boxes (Linux and Mac), still no joy. >>> >>>>> >>> >>>>> The other server got built, got its "main" IP address changed, and >>> is >>> >>>>> working just fine. I did a diff between sshd_config on both >>> machines; the >>> >>>>> files are identical. >>> >>>>> >>> >>>>> I'm scratching my head and it's starting to hurt. Any ideas? (I >>> know, >>> >>>>> stop scratching.) >>> >>>>> >>> >>>>> Curt >>> >>>>> >>> >>>>> -- >>> >>>>> -- >>> >>>>> You received this message because you are subscribed to the Google >>> >>>>> Groups "NLUG" group. >>> >>>>> To post to this group, send email to [email protected] >>> >>>>> To unsubscribe from this group, send email to >>> >>>>> [email protected] >>> >>>>> For more options, visit this group at >>> >>>>> http://groups.google.com/group/nlug-talk?hl=en >>> >>>>> >>> >>>>> --- >>> >>>>> You received this message because you are subscribed to the Google >>> >>>>> Groups "NLUG" group. >>> >>>>> To unsubscribe from this group and stop receiving emails from it, >>> send >>> >>>>> an email to [email protected]. >>> >>>>> For more options, visit https://groups.google.com/groups/opt_out. >>> >>>> >>> >>>> >>> >>>> -- >>> >>>> -- >>> >>>> You received this message because you are subscribed to the Google >>> >>>> Groups "NLUG" group. >>> >>>> To post to this group, send email to [email protected] >>> >>>> To unsubscribe from this group, send email to >>> >>>> [email protected] >>> >>>> For more options, visit this group at >>> >>>> http://groups.google.com/group/nlug-talk?hl=en >>> >>>> >>> >>>> --- >>> >>>> You received this message because you are subscribed to the Google >>> >>>> Groups "NLUG" group. >>> >>>> To unsubscribe from this group and stop receiving emails from it, >>> send >>> >>>> an email to [email protected]. >>> >>>> For more options, visit https://groups.google.com/groups/opt_out. >>> >>> >>> >>> >>> >>> -- >>> >>> -- >>> >>> You received this message because you are subscribed to the Google >>> Groups >>> >>> "NLUG" group. >>> >>> To post to this group, send email to [email protected] >>> >>> To unsubscribe from this group, send email to >>> >>> [email protected] >>> >>> For more options, visit this group at >>> >>> http://groups.google.com/group/nlug-talk?hl=en >>> >>> >>> >>> --- >>> >>> You received this message because you are subscribed to the Google >>> Groups >>> >>> "NLUG" group. >>> >>> To unsubscribe from this group and stop receiving emails from it, >>> send an >>> >>> email to [email protected]. >>> >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >> >>> >> >>> >> -- >>> >> -- >>> >> You received this message because you are subscribed to the Google >>> Groups >>> >> "NLUG" group. >>> >> To post to this group, send email to [email protected] >>> >> To unsubscribe from this group, send email to >>> >> [email protected] >>> >> For more options, visit this group at >>> >> http://groups.google.com/group/nlug-talk?hl=en >>> >> >>> >> --- >>> >> You received this message because you are subscribed to the Google >>> Groups >>> >> "NLUG" group. >>> >> To unsubscribe from this group and stop receiving emails from it, >>> send an >>> >> email to [email protected]. >>> >> For more options, visit https://groups.google.com/groups/opt_out. >>> > >>> > >>> > -- >>> > -- >>> > You received this message because you are subscribed to the Google >>> Groups >>> > "NLUG" group. >>> > To post to this group, send email to [email protected] >>> > To unsubscribe from this group, send email to >>> > [email protected] >>> > For more options, visit this group at >>> > http://groups.google.com/group/nlug-talk?hl=en >>> > >>> > --- >>> > You received this message because you are subscribed to the Google >>> Groups >>> > "NLUG" group. >>> > To unsubscribe from this group and stop receiving emails from it, send >>> an >>> > email to [email protected]. >>> > For more options, visit https://groups.google.com/groups/opt_out. >>> >>> -- >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To post to this group, send email to [email protected] >>> To unsubscribe from this group, send email to >>> [email protected] >>> For more options, visit this group at >>> http://groups.google.com/group/nlug-talk?hl=en >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >> >> -- >> -- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/nlug-talk?hl=en >> >> --- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
