Date: Sat, 10 Jul 2010 23:04:57 -0400 From: Dan Langille <dan@langille.org> To: FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Authentication tried for XXX with correct key but not from a permitted host Message-ID: <4C3934D9.3030501@langille.org>
next in thread | raw e-mail | index | archive | help
This is more for the record than asking a specific question. Today I upgraded a system to FreeBSD 8.1-PRERELEASE. Then I started seeing these messages when I ssh to said box with an ssh-agent enabled connection: Jul 11 03:43:06 ngaio sshd[30290]: Authentication tried for dan with correct key but not from a permitted host (host=laptop.example.org, ip=10.0.0.100). Jul 11 03:43:07 ngaio sshd[30290]: Authentication tried for dan with correct key but not from a permitted host (host=laptop.example.org, ip=10.0.0.100). Jul 11 03:43:07 ngaio sshd[30290]: Accepted publickey for dan from 10.0.0.100 port 53525 ssh2 My questions were: 1 - how do I set a permitted host? 2 - why is the message logged twice? That asked, I know if I move the key to the top of the ~/.ssh/authorized_keys file, the message is no longer logged. Further investigation reveals that if a line of the form: from="10..etc" appears before the key being used to log in, the message will appear. Solution: move the from= line to the bottom of the file. Ugly, but it works. -- Dan Langille - http://langille.org/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4C3934D9.3030501>