From owner-freebsd-questions@FreeBSD.ORG Mon Jun 9 09:58:52 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B558837B401 for ; Mon, 9 Jun 2003 09:58:52 -0700 (PDT) Received: from mx1.clickcom.com (mx2.clickcom.com [209.198.22.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0052943FB1 for ; Mon, 9 Jun 2003 09:58:52 -0700 (PDT) (envelope-from jsmailing@clickcom.com) Received: from aesop (calefaction.clickcom.com [209.198.22.19]) by mx1.clickcom.com (email) with ESMTP id 38922CB2FF; Mon, 9 Jun 2003 12:58:49 -0400 (EDT) From: "John Straiton" To: "'Thomas Park'" , Date: Mon, 9 Jun 2003 12:56:52 -0400 Message-ID: <000f01c32ea8$23a95830$1916c60a@win2k.clickcom.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2727.1300 Importance: Normal In-Reply-To: <001001c32ea5$e95bb990$11640a0a@titanium> Subject: RE: /dev/tty keeps changing permissions..? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 09 Jun 2003 16:58:53 -0000 > I'm pretty sure the ssh problem is with /dev/tty - I've > scoured quite a > few message boards and newsgroups looking for a solution to the SSH > problem. The symptom:a user who doesn't currently own > /dev/tty attempts > to open an outbound SSH session and gets a permission denied > error with > an error message along the lines of "Host key verification > failed." SCP > likewise doesn't work. That error message is usually because you're ssh'ing to boxen whos public key has changed. The quick and easy fix? (which will reset all keys and break any possible passwordless-ssh stuff you have setup) root@yourmachine# find / -name "known_hosts" -exec rm {} \; The correct fix? Open up your known_hosts file for every user that has this problem and remove the entry for the machine you're trying to ssh to, then save it. This of course could be scripted. By changing the permissions on the /dev/tty device, you might be causing the ssh client to poll another user's (perhaps root?) known_hosts which may have a correct entry in it instead of an old public key. One thing you can try to verify this might be to ssh to the machine's ip if you're used to doing it to the name. If it's never been ssh'ed to before (as the IP), it should ask you to confirm the new key and then let you in. John Straiton jks@clickcom.com Clickcom, Inc 704-365-9970x101