Re: OSX (OpenSSH) to GNU (SSH2) server authentication problemsFrom: Richard E. Silverman (firstname.lastname@example.org)
- Next message: Joonas Saarinen: "Re: SSH doesn't work without a user logged in?"
- Previous message: chris: "Re: ssh without password"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: email@example.com (Richard E. Silverman) Date: 31 Dec 2001 20:53:42 -0500
>>>>> "MM" == Mark Moorcroft <firstname.lastname@example.org> writes:
MM> It's not clear to me why OSX keygen creates the public and private
MM> keys in different formats?
I don't know whether you're referring to the fact that the corresponding
public and private key files for a single key are different, or that the
formats used for both by OpenSSH and SSH2 are different. However, in any
case there are no SSH-specific standards for any of this, so implementors
are free to do whatever they like.
>> This simply means that you have no hostkey entry at all on your OSX
>> box for the he.net server -- get its public hostkeys and place
>> entries for them in your personal or global known-hosts lists
>> (~/.ssh/known_hosts or /etc/ssh_known_hosts).
MM> Would that be known_hosts2 ?? I had already done that many times
OpenSSH versions 2.9.9 have dispensed with the "2"-suffixed files, looking
for all keys in a single file (though for now OpenSSH still reads the "2"
files as well).
>> This indicates that you already have a hostkey for your OSX box on the
>> client host, and it is incorrect; you need to replace it (in the file
>> indicated) with the current one.
MM> I have done so many, many times with the same result. Both by file
MM> transfer and copy/paste methods.
Are you sure you are using the host key, and not some key you generated
yourself for user authentication? Since you glossed over that distinction
in your first post, and again slipped into talking about public-key *user*
authentication at the end of this post, I am suspicious. To be specific:
you would need to convert the OpenSSH host key on the OSX box thus:
% ssh-keygen -e -f /etc/ssh_host_dsa_key.pub
and place the result in the indicated file on the SSH2 box.
-- Richard Silverman email@example.com