From owner-freebsd-stable@FreeBSD.ORG Wed Mar 31 14:03:48 2004 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 203C216A4CE for ; Wed, 31 Mar 2004 14:03:48 -0800 (PST) Received: from fep04-mail.bloor.is.net.cable.rogers.com (fep04-mail.bloor.is.net.cable.rogers.com [66.185.86.74]) by mx1.FreeBSD.org (Postfix) with ESMTP id 86B7F43D1F for ; Wed, 31 Mar 2004 14:03:47 -0800 (PST) (envelope-from desjardins@canada.com) Received: from gateway.lan.daren.ca ([65.49.123.132]) by fep04-mail.bloor.is.net.cable.rogers.comESMTP <20040331220255.DKTH163224.fep04-mail.bloor.is.net.cable.rogers.com@gateway.lan.daren.ca>; Wed, 31 Mar 2004 17:02:55 -0500 Received: from [216.130.212.41] (account daren@daren.ca HELO [216.130.212.41]) by gateway.lan.daren.ca (CommuniGate Pro SMTP 4.1.8) with ESMTP id 220809; Wed, 31 Mar 2004 17:03:46 -0500 From: Daren Desjardins To: David.E.Tweten@nasa.gov In-Reply-To: <3458.1080769751@gilmore.nas.nasa.gov> References: <3458.1080769751@gilmore.nas.nasa.gov> Content-Type: text/plain Message-Id: <1080770631.43045.36.camel@lithium.stabilia.com> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.4.6 Date: Wed, 31 Mar 2004 17:03:51 -0500 Content-Transfer-Encoding: 7bit X-Authentication-Info: Submitted using SMTP AUTH LOGIN at fep04-mail.bloor.is.net.cable.rogers.com from [65.49.123.132] using ID at Wed, 31 Mar 2004 17:02:55 -0500 cc: freebsd-stable@freebsd.org Subject: Re: SSH issues with 4.9 stable (key_verify failed for server_host_key) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 31 Mar 2004 22:03:48 -0000 Ive tried removing the known_hosts file already unfortunately. I did not include the ssh command I was running, but I am not trying to log in as root. I was using 'ssh -v user@host.com' Just to ensure there is no misunderstanding, the output when I the known_host entry is removed is included below. [root@lithium .ssh]#/usr/obj/usr/src/secure/usr.bin/ssh/ssh daren@daren.ca The authenticity of host 'daren.ca (65.49.123.132)' can't be established. DSA key fingerprint is 31:b1:cf:32:4f:86:9f:fe:e2:39:4a:63:e6:4f:ee:fb. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'daren.ca,65.49.123.132' (DSA) to the list of known hosts. key_verify failed for server_host_key [root@lithium .ssh] On Wed, 2004-03-31 at 16:49, Dave Tweten wrote: > desjardins@canada.com said: > >debug1: ssh_dss_verify: signature incorrect > >key_verify failed for server_host_key > > You may be suffering from the confusion I mentioned in my prevoious > message -- if daren.ca's public key has changed since you began trying to > make SSH work. > > Get rid of /root/.ssh/known_hosts. If it's valuable, rename it. > Otherwise just delete it. Now when you use the option I suggested in my > previous message, SSH will ask you the question. After you answer yes, it > will store daren.ca's current public machine key in /root/.ssh/known_hosts. > > Incidently, if you use my sshd_config file, you won't be able to log in > interactively as root.