openssh unix dev - May 2000 - SSH v2 known-hosts problem.

When I connect from machine A to machine B, using ssh protocol 2, both
running openssh2.1.0, there is a problem with comparing server DSA
public keys to ~/.ssh/known_hosts2.

The first time, it says
The authenticity of host 'B' can't be established.
DSA key fingerprint is blah-blah-blah
Are you sure you want to continue connecting (yes/no)?

If I type 'yes', it gets added to ~/.ssh/known_hosts2.
(as it should).  An entry gets added like:
B,1.2.3.4 ssh-dss blah-blah-blah

However, if I disconnect and connect again, it still says:
The authenticity of host 'B' can't be established.
DSA key fingerprint is blah-blah-blah
Are you sure you want to continue connecting (yes/no)?

If I say yes, it creates an identical second line to
~/.ssh/known_hosts2.  Somewhere a comparison isn't working.

An strace indicates that the ssh client indeed reads
~/.ssh/known-hosts2.  The entry looks like the system B
ssh_host_dsa_key.pub, so I assume the server is sending its DSA key.


-- 
Kind regards,				  
Berend                                  
                                        
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-Berend De Schouwer, +27-11-712-1435, UCS

could you please send me the public key?  (and the private key if
you want to generate a new host key)

On Thu, May 18, 2000 at 05:04:34PM +0200, Berend De Schouwer
wrote:
> When I connect from machine A to machine B, using ssh protocol 2, both
> running openssh2.1.0, there is a problem with comparing server DSA
> public keys to ~/.ssh/known_hosts2.
> 
> The first time, it says
> The authenticity of host 'B' can't be established.
> DSA key fingerprint is blah-blah-blah
> Are you sure you want to continue connecting (yes/no)?
> 
> If I type 'yes', it gets added to ~/.ssh/known_hosts2.
> (as it should).  An entry gets added like:
> B,1.2.3.4 ssh-dss blah-blah-blah
> 
> However, if I disconnect and connect again, it still says:
> The authenticity of host 'B' can't be established.
> DSA key fingerprint is blah-blah-blah
> Are you sure you want to continue connecting (yes/no)?
> 
> If I say yes, it creates an identical second line to
> ~/.ssh/known_hosts2.  Somewhere a comparison isn't working.
> 
> An strace indicates that the ssh client indeed reads
> ~/.ssh/known-hosts2.  The entry looks like the system B
> ssh_host_dsa_key.pub, so I assume the server is sending its DSA key.
> 
> 
> -- 
> Kind regards,				  
> Berend                                  
>                                         
> -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-> Berend De Schouwer,
+27-11-712-1435, UCS
> 
>

Berend De Schouwer wrote:
> 
> However, if I disconnect and connect again, it still says:
> The authenticity of host 'B' can't be established.
> DSA key fingerprint is blah-blah-blah
> Are you sure you want to continue connecting (yes/no)?
	I have the same problem, with the same openssh-2.1.0 on multiple Red Hat 6.2
machines, installed from RPMs.

-- 
Florin Andrei
mailto:florin at linuxstart.com	http://members.linuxstart.com/~florin/
tel: +40-93-261162