From owner-freebsd-stable@FreeBSD.ORG Wed Mar 24 18:32:56 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 56AE016A4D0 for ; Wed, 24 Mar 2004 18:32:56 -0800 (PST) Received: from probity.mcc.ac.uk (probity.mcc.ac.uk [130.88.200.94]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7B82343D31 for ; Wed, 24 Mar 2004 18:32:55 -0800 (PST) (envelope-from jcm@FreeBSD-uk.eu.org) Received: from dogma.freebsd-uk.eu.org ([130.88.200.97]) by probity.mcc.ac.uk with esmtp (Exim 4.20) id 1B6Kft-000Bep-8s; Thu, 25 Mar 2004 02:32:53 +0000 Received: from dogma.freebsd-uk.eu.org (localhost [127.0.0.1]) i2P2WqVi065316; Thu, 25 Mar 2004 02:32:52 GMT (envelope-from jcm@dogma.freebsd-uk.eu.org) Received: (from jcm@localhost) by dogma.freebsd-uk.eu.org (8.12.10/8.12.6/Submit) id i2P2Wpl6065315; Thu, 25 Mar 2004 02:32:52 GMT Date: Thu, 25 Mar 2004 02:32:51 +0000 From: Jonathon McKitrick To: "Christian W. Sung" Message-ID: <20040325023251.GA61864@dogma.freebsd-uk.eu.org> References: <20040221202305.GA78752@dogma.freebsd-uk.eu.org> <000e01c3f8bc$9ee42dc0$efe8fea9@unixsmith.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <000e01c3f8bc$9ee42dc0$efe8fea9@unixsmith.com> User-Agent: Mutt/1.4i X-Spam-Score: -4.9 (----) X-Scanner: exiscan for exim4 (http://duncanthrax.net/exiscan/) *1B6Kft-000Bep-8s*YavYQDXYIlE* cc: freebsd-stable@freebsd.org Subject: Re: ssh no longer connecting automatically X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Mar 2004 02:32:56 -0000 On Sat, Feb 21, 2004 at 03:52:27PM -0500, Christian W. Sung wrote: : : If you have the time and patience, let's try this step by step (we run a : bunch of BSD boxen and do keep them mostly kind-of up-to-date with the : new releases, so we go through this nuissance every now and then as : well... (here's the mandatory commercial plug: : http://www.UNIXsmith.com). So, let's do the following: : : As *yourself*, not as root, do: : : 1. ssh-keygen -t rsa, and don't use a password to protect the key. neptune:~> ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/jcm/.ssh/id_rsa): /home/jcm/.ssh/id_rsa already exists. Overwrite (y/n)? y Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/jcm/.ssh/id_rsa. Your public key has been saved in /home/jcm/.ssh/id_rsa.pub. The key fingerprint is: ee:25:a2:a1:dc:97:91:19:45:4c:e6:69:12:9b:4d:5b jcm@neptune neptune:~> : 2. Copy the resulting id_rsa.pub to ~/.ssh/authorized_keys2 on the : remote machine you're trying to access, and if there's an : authorized_keys (without the ending 2), copy the key there as well. neptune:~> scp .ssh/id_rsa.pub jcm@dogma.freebsd-uk.eu.org:keys2 key_verify failed for server_host_key lost connection neptune:~> scp -1 .ssh/id_rsa.pub jcm@dogma.freebsd-uk.eu.org:keys2 Password: Response: id_rsa.pub 100% 221 0.2KB/s 00:00 neptune:~> ssh -1 jcm@dogma.freebsd-uk.eu.org Password: Response: Last login: Thu Mar 25 01:38:48 2004 from gnapsny2-ppp78. Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 4.9-STABLE (DOGMA) #1: Sat Nov 29 22:39:46 GMT 2003 +---------------------------------------------------------------+ | FreeBSD UKUG Server - Dogma.freebsd-uk.eu.org | +---------------------------------------------------------------+ | | | 08/02/02 IMPORTANT ANNOUCEMENT (Migration Notice) | | ---------------------------------------- | | Due to the increasing popularity of the UKUG the | | ukug.uk.FreeBSD.org website has been migrated to a | | different server. | | | | The new name of the web server running on Dogma is | | users.uk.FreeBSD.org. Please note that users | | web-pages should now be advertised as: | | http://users.uk.FreeBSD.org/~username/ | | | +---------------------------------------------------------------+ | Acceptable Use Policy can be viewed by typing 'aup' | +---------------------------------------------------------------+ Mollison's Bureaucracy Hypothesis: If an idea can survive a bureaucratic review and be implemented it wasn't worth doing. dogma:~> dogma:~/.ssh> grep neptune * zsh: no matches found: * dogma:~/.ssh> cd .. dogma:~> ls 500.portsupdate dminit.txt lib/ accounts-318.tar dmsg mail/ accounts.bz2 dmsg.out mytest.sh* anon@ filez.tar openbackup/ bin/ freebackup/ postponed cfgfiles.tar.bzip2 jy.tar public_html/ data/ keys2 toarch/ dogma:~> mv keys2 .ssh/authorized_keys2 dogma:~> ls .ssh authorized_keys2 dogma:~> : 3. Remove all references to dogma.freebsd-uk.eu.org from your : known-hosts file, and on the remote machine, remove all references to : 'neptune' or whatever your hostname happens to be. This will ensure all : keys are regenerated the first time you attempt to communicate with the : remote. neptune:~> cd .ssh neptune:~/.ssh> ls id_rsa id_rsa.pub neptune:~/.ssh> : 4. This should have taken care of the problem altogether. If not, let : me now and we'll work together until it goes away and you are once again : a happy camper.... I am still neither camping nor happy. :-( neptune:~> ssh jcm@dogma.freebsd-uk.eu.org The authenticity of host 'dogma.freebsd-uk.eu.org (130.88.200.97)' can't be established. DSA key fingerprint is c4:81:d6:8d:48:0e:39:ba:b3:40:e2:52:62:18:d4:f5. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'dogma.freebsd-uk.eu.org,130.88.200.97' (DSA) to the list of known hosts. key_verify failed for server_host_key neptune:~> jm -- My other computer is your Windows box.