Re: F-Secure client with OpenSSH server

From: Bill Unruh (unruh@physics.ubc.ca)
Date: 12/31/01


    From: unruh@physics.ubc.ca (Bill Unruh)
    Date: 31 Dec 2001 06:49:46 GMT
    
    

    In <66581382.0112301627.442366f0@posting.google.com> list@valleyofspeed.com (Mark Moorcroft) writes:

    ]slade@shore.net (Richard E. Silverman) wrote in message news:<m1lsn9usbx8.fsf@syrinx.oankali.net>...
    ]> OpenSSH and SSH2 use different key formats; you have to convert it by:
    ]>
    ]> % ssh-keygen -i -f <SSH2 public key file>
    ]>
    ]> This will output a single line, which is what you add to the OpenSSH
    ]> authorized_keys(2) file.

    ]I would like to join this discussion, as I have been attempting to
    ]connect my MacOSX box to my he.net account. It seems the folks at
    ]Hurricane can't get their OSX box connected either, nor do they even
    ]have the same versions of SSH/SSL on their various servers, but I
    ]digress...

    ]My OSX box reports ...

    ]"OpenSSH_2.9p2, SSH protocols 1.5/2.0, OpenSSL 0x0090602f"

    ]and the he.net box says...

    ]"ssh: SSH Secure Shell 2.4.0 (non-commercial version) on
    ]i686-pc-linux-gnu"

    ]The trouble is that even after using the tools on my OSX box to
    ]convert the public keys generated by both systems (the he.net
    ]ssh-keygen does not even have the ability to convert keys), and
    ]placing them where they appear to need to be, the fingerprints never
    ]match. This is the debug from he.net back to my home OSX box...

    ]debug: hostname is 'xxx.xxx.xxx.xxx'.
    ]debug: Unable to open /home/user/.ssh2/ssh2_config

    Well, perhaps you should find out why it is unable to open
    /home/user/.ssh2/ssh2_config.

    ]@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    ]@ WARNING: HOST IDENTIFICATION HAS CHANGED! @
    ]@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
    ]IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!

    Remove the key for the remote machine from the known_hosts or
    known_hosts2 file (for OpenSSH) or, as below, remove the hostkeys/key*pub
    file.

    ]debug3: No RSA1 key file /Users/mark/.ssh/id_dsa.

    ?? Sounds like you have your sshd_config (in /etc/ssh) wrongly set up as
    to where to find the type 2 rsa keys.


