Date: Wed, 31 Mar 2004 14:50:34 -0500 From: Daren Desjardins <desjardins@canada.com> To: freebsd-stable@freebsd.org Subject: Re: SSH issues with 4.9 stable (key_verify failed for server_host_key) Message-ID: <1080762634.43045.26.camel@lithium.stabilia.com> In-Reply-To: <1080746795.43045.1.camel@lithium.stabilia.com> References: <1080674620.72899.3.camel@lithium.stabilia.com> <1080746795.43045.1.camel@lithium.stabilia.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Sigh... Thought I had it figured out but it wasnt. A friend also did an 4.9 release to 4.9stable upgrade and ran into the exact same problem. I spent time comparing the ssh -v output for the ssh(3.5) that is in the base, with the openssh(3.6) in the packages, and the newest ssh from openssh (3.8). The main thing I noticed is that the openssh in the base is the only one not working. Further, the OpenSSL version reported differs and that the base system seems to force a DSA host key authentication, whereas the port and openssh release use RSA (As seen in the included dumps). The machine is using a default(empty) ssh_config and sshd_config. I went through pretty much every google(web/groups) article I could find with no success. Even the ones that suggested turning off compiler optimizations... (Base ssh) OpenSSH_3.5p1 FreeBSD-20030924, SSH protocols 1.5/2.0, OpenSSL 0x0090703f debug1: Host 'x.x' is known and matches the DSA host key. debug1: Found key in /root/.ssh/known_hosts:8 debug1: bits set: 1602/3191 debug1: ssh_dss_verify: signature incorrect (Notice dss here) key_verify failed for server_host_key debug1: Calling cleanup 0x804c158(0x0) (Openssh release 3.8p1) OpenSSH_3.8p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c-p1 30 Sep 2003 debug1: Host 'daren.ca' is known and matches the RSA host key. debug1: Found key in /root/.ssh/known_hosts:9 debug1: ssh_rsa_verify: signature correct (Notice rsa here) debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password,keyboard-interactive debug1: Next authentication method: keyboard-interactive Password:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1080762634.43045.26.camel>