I'm glad that you resolved the /etc/ssh host key files. It is common to stop sshd, remove the files and start sshd again to generate new set of host files. It is normally done when you create a host from disk image either locally or in the cloud. Otherwise you would have multiple hosts with identical key files, unless of course your deleted the key files in the image.
If you want the public key ssh to work the same way in the other direction (remote to local) you have two basic options: a) have same authorized_keys, id_ed25519 and id_ed25519.pub in your accounts on all hosts (remote and local). b) add public keys (id_ed25519.pub) from all remote machines to your local authorized_keys file. Chose the one option you like the most for your use case. Option b) has higher entropy, so it should be safer in theory - if you are good and fast at housekeeping all those public keys. Option a) is simpler to manage, but you need to update (change) all keys in all hosts in case you are compromised at any one host. I hope it helps, Tomas On Mon, 2016-11-07 at 13:10 -0800, Rich Shepard wrote: > On Mon, 7 Nov 2016, Rich Shepard wrote: > > > Sure enough, that does make a difference. Still denied access to > > the > > remote portable from the local desktop and will work on that. > > Almost there. > > On the portable/remote there are server ssh_host keys. I can now > ssh from > the desktop/local to the portable/remote, but not the other way. > > After removing an apparently stale known_hosts on the > portable/remote I > tried to ssh to the desktop. After questioning whether I wanted to > establish > the connection ssh added the desktop to known_hosts on the portable, > and > then immediately denied connection because of a public key issue. > > I had copied the desktop's public key to the portable's > authorized_keys > file, and vice-versa thinking this would resolve the publickey issue. > Apparently not. > > Rich > _______________________________________________ > PLUG mailing list > [email protected] > http://lists.pdxlinux.org/mailman/listinfo/plug _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
