Re: [foxboro] ssh problems after upgrade
- From: "Corey R Clingo" <clingoc@xxxxxxxxxxxxx>
- To: foxboro@xxxxxxxxxxxxx
- Date: Wed, 27 Aug 2003 19:54:54 -0500
Well, for one, you need to copy the *pub file to ~/.ssh/authorized_keys (or
maybe authorized_keys2 for an ssh as old as the one you are using), not
known_hosts. The known_hosts file on the machine you are ssh-ing _to_ has
no effect.
Also, check permissions on your local key files; they have to be 600 I
believe.
Corey Clingo
BASF Corp.
|---------+---------------------------->
| | stan |
| | <stanb@xxxxxxxxx>|
| | Sent by: |
| | foxboro-bounce@fr|
| | eelists.org |
| | |
| | |
| | 08/27/2003 09:55 |
| | AM |
| | Please respond to|
| | foxboro |
| | |
|---------+---------------------------->
>------------------------------------------------------------------------------------------------------------------------------|
|
|
| To: Foxboro List
|
| cc:
|
| Subject: [foxboro] ssh problems after upgrade
|
>------------------------------------------------------------------------------------------------------------------------------|
ne of our nods got "upgraded" from 6.1.2 to 6.5 yesterday, and one of the
problems I'm having is with ssh logins bewtween machines on that node.
I've re-run ssh-keygen on both machines I'm testing with, I've blown away
~/.ssh/known_hosts and had it recreated, and I've copied the *pub filed
over into known_hosts on the machine I'm ssh'ing _to_, and still no luck.
here's the output of ssh -v FYI:
Script started on Wed Aug 27 10:56:50 2003
AW0400# ssh -v WP0400
OpenSSH_3.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
debug1: Reading configuration data /usr/local/etc/ssh_config
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to WP0400 [151.128.8.67] port 22.
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/1 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file /.ssh/identity type 0
debug1: identity file /.ssh/id_rsa type 1
debug1: identity file /.ssh/id_dsa type 2
debug1: Remote protocol version 1.99, remote software version OpenSSH_3.1p1
debug1: match: OpenSSH_3.1p1 pat OpenSSH*
Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_3.1p1
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: dh_gen_key: priv key bits set: 137/256
debug1: bits set: 1580/3191
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Host 'wp0400' is known and matches the RSA host key.
debug1: Found key in /.ssh/known_hosts:1
debug1: bits set: 1607/3191
debug1: ssh_rsa_verify: signature correct
debug1: kex_derive_keys
debug1: newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: waiting for SSH2_MSG_NEWKEYS
debug1: newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: done: ssh_kex2.
debug1: send SSH2_MSG_SERVICE_REQUEST
debug1: service_accept: ssh-userauth
debug1: got SSH2_MSG_SERVICE_ACCEPT
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is publickey
debug1: try pubkey: /.ssh/id_rsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: try pubkey: /.ssh/id_dsa
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is keyboard-interactive
debug1: authentications that can continue:
publickey,password,keyboard-interactive
debug1: next auth method to try is password
root@wp0400's password:
AW0400#
script done on Wed Aug 27 10:57:10 2003
Can anyone see what stupid mistake I'm making?
--
"They that would give up essential liberty for temporary safety deserve
neither liberty nor safety."
-- Benjamin Franklin
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
foxboro mailing list: http://www.freelists.org/list/foxboro
to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
_______________________________________________________________________
This mailing list is neither sponsored nor endorsed by Invensys Process
Systems (formerly The Foxboro Company). Use the info you obtain here at
your own risks. Read http://www.thecassandraproject.org/disclaimer.html
foxboro mailing list: http://www.freelists.org/list/foxboro
to subscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=join
to unsubscribe: mailto:foxboro-request@xxxxxxxxxxxxx?subject=leave
- Follow-Ups:
- Re: [foxboro] ssh problems after upgrade
- From: stan
Other related posts:
- » Re: [foxboro] ssh problems after upgrade
- » Re: [foxboro] ssh problems after upgrade
- Re: [foxboro] ssh problems after upgrade
- From: stan