When I connect from machine A to machine B, using ssh protocol 2, both
running openssh2.1.0, there is a problem with comparing server DSA
public keys to ~/.ssh/known_hosts2.
The first time, it says
The authenticity of host 'B' can't be established.
DSA key fingerprint is blah-blah-blah
Are you sure you want to continue connecting (yes/no)?
If I type 'yes', it gets added to ~/.ssh/known_hosts2.
(as it should). An entry gets added like:
B,1.2.3.4 ssh-dss blah-blah-blah
However, if I disconnect and connect again, it still says:
The authenticity of host 'B' can't be established.
DSA key fingerprint is blah-blah-blah
Are you sure you want to continue connecting (yes/no)?
If I say yes, it creates an identical second line to
~/.ssh/known_hosts2. Somewhere a comparison isn't working.
An strace indicates that the ssh client indeed reads
~/.ssh/known-hosts2. The entry looks like the system B
ssh_host_dsa_key.pub, so I assume the server is sending its DSA key.
--
Kind regards,
Berend
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-Berend De Schouwer, +27-11-712-1435, UCS
could you please send me the public key? (and the private key if you want to generate a new host key) On Thu, May 18, 2000 at 05:04:34PM +0200, Berend De Schouwer wrote:> When I connect from machine A to machine B, using ssh protocol 2, both > running openssh2.1.0, there is a problem with comparing server DSA > public keys to ~/.ssh/known_hosts2. > > The first time, it says > The authenticity of host 'B' can't be established. > DSA key fingerprint is blah-blah-blah > Are you sure you want to continue connecting (yes/no)? > > If I type 'yes', it gets added to ~/.ssh/known_hosts2. > (as it should). An entry gets added like: > B,1.2.3.4 ssh-dss blah-blah-blah > > However, if I disconnect and connect again, it still says: > The authenticity of host 'B' can't be established. > DSA key fingerprint is blah-blah-blah > Are you sure you want to continue connecting (yes/no)? > > If I say yes, it creates an identical second line to > ~/.ssh/known_hosts2. Somewhere a comparison isn't working. > > An strace indicates that the ssh client indeed reads > ~/.ssh/known-hosts2. The entry looks like the system B > ssh_host_dsa_key.pub, so I assume the server is sending its DSA key. > > > -- > Kind regards, > Berend > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-> Berend De Schouwer, +27-11-712-1435, UCS > >
Berend De Schouwer wrote:> > However, if I disconnect and connect again, it still says: > The authenticity of host 'B' can't be established. > DSA key fingerprint is blah-blah-blah > Are you sure you want to continue connecting (yes/no)?I have the same problem, with the same openssh-2.1.0 on multiple Red Hat 6.2 machines, installed from RPMs. -- Florin Andrei mailto:florin at linuxstart.com http://members.linuxstart.com/~florin/ tel: +40-93-261162