Re: PuTTY failing "Server's host key did not match the signature supplied" suddenly

On 11 Mar, 22:04, p...@xxxxxxxxxxxx (Per Hedeland) wrote:
In article
<fd9048c1-a1be-4bec-85dd-a432293b1...@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>





Raymond <rpa...@xxxxxxxxx> writes:
On Mar 11, 11:51 am, comph...@xxxxxxxxx (Todd H.) wrote:
On Mar 11, 9:44 am, comph...@xxxxxxxxx (Todd H.) wrote:
Raymond <rpa...@xxxxxxxxx> writes:
debug1: Found key in /home/xxxx/.ssh/known_hosts:2
RSA_public_decrypt failed: error:0407006A:rsa
routines:RSA_padding_check_PKCS1_type_1:block type is not 01
debug1: ssh_rsa_verify: signature incorrect
key_verify failed for server_host_key

Same deal here... lop out the localhost entry and try again.  

If this doesnt' fix it,  I'd look up the docs to generate new RSA and DSA
keys on the server end and regenerate those and see if it can be
brought to happiness.  

Perhaps others with more admin experience could lend other insight.
Normally I'd sit these questions out, but hopefully I get ya pointed
in the right direction.

It seems that the server's public and private keys don't match up -
i.e. it sends the public key, and then the signature it produces by
using its private key can not be verified with that public key, because
they're not a "pair". In which case your suggestion to re-generate the
keys should take care of it (though some investigation into how this
situation arose might be appropriate for someone with even minimal
paranoia...).

Regenerating new RSA and DSA keys for the server didn't help.
Removing .ssh/known_hosts and re-adding the server keys again didn't
help either.

Which would seem to refute that theory - except... - if you aren't
actually looking for (and generating) the keys in the same place that
the server is looking for them. Are you 100% sure that the server you
are currently running (which may or may not be using
/etc/ssh/sshd_config) looks for /etc/ssh/ssh_host_[rd]sa_key*? A quick
first check: Did the public key fingerprint, as reported by the client,
change when you had re-generated the keys?

Any other suggestions will be greatly appreciated.

Well, maybe a long shot, but I tried...:-)

--Per Hedeland
p...@xxxxxxxxxxxxx Hide quoted text -

- Show quoted text -

Hmmmm. I wonder if our faithful poster has a root-kitted box with
someone else's SSH server installed on it? Or has a network setup that
is passing along the SSH connection to an unexpected server, such as a
NAT setup?
.

Relevant Pages

  • RE: SBS SHared Printer Problem
    ... Does this issue happen for all the client workstations? ... If you try printing on the SBS server, ... Clear the registry keys and the driver on both the server and the client ... Microsoft Shared Fax Monitor ...
    (microsoft.public.windows.server.sbs)
  • Re: SBS SHared Printer Problem
    ... They are shared from the server. ... please right click following registry keys and click ... Microsoft Shared Fax Monitor ... Install the latest driver for the printer and check if the issue ...
    (microsoft.public.windows.server.sbs)
  • Re: SSH as root
    ... Subject: SSH as root ... >> compromised that allows someone to ssh into another server without any ... > exposed, however if you used keys, private key would not be. ... >> into Server B and compromise it as well. ...
    (SSH)
  • RE: sshd / ssh setup
    ... USA server and his windows/xp notebook to use SSH. ... followed sshd instruction and built ... and require users to submit keys. ...
    (freebsd-questions)
  • Keys server, private
    ... I have the need to have a private key server (Not serving private ... especially when posting keys from client to the server. ... as I cannot enforce the client to use! ...
    (comp.security.pgp.discuss)