Date: Tue, 30 Aug 2005 15:52:56 -0400 (EDT) From: "Dan Mahoney, System Admin" <danm@prime.gushi.org> To: questions@freebsd.org Subject: ssh behavior changes after upgrade to 4.1-portable Message-ID: <20050830154305.Y71390@prime.gushi.org>
next in thread | raw e-mail | index | archive | help
Hey all, I just upgraded to the latest 4.1-portable openssh, and now when trying to log into my system I get the following: danm@box:/etc/ssh$ ssh danm@prime.gushi.org WARNING: DSA key found for host prime.gushi.org in /home/danm/.ssh/known_hosts:1 DSA key fingerprint d9:07:d0:eb:89:3d:04:73:33:e8:05:1c:6d:06:af:6b. The authenticity of host 'prime.gushi.org (65.125.228.130)' can't be established but keys of different type are already known for this host. RSA key fingerprint is ed:53:bd:52:65:9d:9d:9f:e8:bf:71:2a:82:03:1b:38. Are you sure you want to continue connecting (yes/no)? I have *always* had DSA *and* RSA keys available. Does the upgrade cause the server to offer the keys in a different order of some sort? According to a post on googlegroups (search for ssh patchset), this is because the SSH built into the OS prefers DSA to RSA, but openSSH prefers RSA to DSA Why neither the builtin nor openssh-portable has this as a config file variable is beyond me -- nor why the security/openssh-portable doesn't make the same patch. Is there any way I can force the thing to go back to its old behavior? -Dan Mahoney -- "You're a nomad billygoat!" -Juston, July 18th, 2002 --------Dan Mahoney-------- Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050830154305.Y71390>