Re: ssh issue after security upgrade


I completely removed the known_hosts files to make sure it wasn't. After reinstalling the openssh_client
and about 3 reboots though it started working.



Hari Sekhon wrote:
Robert L. Harris wrote:




I just upgraded SSH on two hosts due to the security vulnerability. The
remote machine is Debian Woody running openssh-client 4.3p2-9, server is
the same level. One of the two local machines is ubuntu gutsy running
1:4.6p1-5ubuntu0.5 for both client and server. The other local machine
is debian sarge running: 3.8.1p1-8.sarg.


When i ssh from the remote machine to local I get:

debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host harvard
debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /home/robert/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host harvard
Host key verification failed.


~ I get the same message no matter which local machine I'm sshing to. I
have a debian lenny box with which can connect successfully to both
local hosts. I have removed /home/robert/.ssh/known_hosts on the
remote machine and I still get that entry.

~ Anyone have any ideas?


Read around the upgrade. Due to a potential vulnerability in the generated keys they are re-created new when you upgrade ssh. Check the new key is the right one and then accept it.

-h


--
:wq
-----------------------------------------------------------------------------
Robert L. Harris
Manager, Application Systems
Corona Solutions
(720) 685-9550
http://www.coronasolutions.com

Relevant Pages

  • ssh issue after security upgrade
    ... is debian sarge running: 3.8.1p1-8.sarg. ... When i ssh from the remote machine to local I get: ... no key of type 0 for host harvard ... ~ I get the same message no matter which local machine I'm sshing to. ...
    (SSH)
  • Re: ASP.NET, C#, Process.GetProcesses
    ... getprocess call should be running on the LOCAL machine not a remote machine. ... you will need to setup proper access rights. ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: EFS Questions
    ... I know it sounds confusing, but when the files exist on a remote machine, ... > certificate and keys are on my local machine. ... could I decrypt by just mapping a drive from my local machine ... > to my own local computer instead of using back-up and restore (yes, ...
    (microsoft.public.win2000.security)
  • Re: ASP.NET, C#, Process.GetProcesses
    ... >> This command purpose is to find some proccess on local machine and do ... because it seems to grab the proccesses from ... >> the remote machine (what is totally wrong, ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Permission for simple file sharing folders blocked on Workgrou
    ... > Guest account - it must be enabled for it to work. ... any network user can access the share. ... > Under Regular File Sharing, the local machine must have an account ... > on the remote machine with which it can log in. ...
    (microsoft.public.windowsxp.general)