search for: ssh_host_

I. most of ssh manual and all sshd manual present server and client as one machine, called host. All files mentioned are placed on one machine. This is incorrect, and makes the explanation unclear. For example, man sshd SSH_KNOWN_HOSTS FILE FORMAT suggests to copy keys from /etc/ssh/ssh_host_key.pub into /etc/ssh/ssh_known_hosts, as if those files are on the same machine. II. a general presentation of ssh workings is missing, and makes the decryption of those manuals even more difficult. i suppose, but i am not sure that: both encrypt their messages with the encryption keys in: /et...

I have some machines that send ssh commands to a load balancer appliance that is really a pair of machines that can fail over to each other. The ssh keys are set up on both targets, but whenever the active target is changed, ssh issues a warning about a "man-in-the-middle" attack also goes to the log and the console which tends to alarm the operators. Setting the strict host check

...l tasksel/first multiselect standard + +d-i pkgsel/include string openssh-server, ntp, ntpdate + +d-i finish-install/reboot_in_progress note + + +END +#$xopts{ExtraPreseed} + + my $authkeys= authorized_keys(); + + my $hostkeyfile= "$c{OverlayLocal}/etc/ssh/ssh_host_rsa_key"; + my $host_rsa_key= get_filecontents($hostkeyfile); + chomp($host_rsa_key); $host_rsa_key.="\n"; + + preseed_hook_command($ho, ''late_command'', $sfx, <<END); +#!/bin/sh +set -ex + +r=/target/root +cd \$r + +umask 022 +mkdir .ssh +cat <<&...

...IR=/var -source ${CSIH_SCRIPT} - port_number=22 privsep_configured=no privsep_used=yes @@ -46,29 +71,48 @@ opt_force=no # Routine: create_host_keys # ====================================================================== create_host_keys() { + local ret=0 + if [ ! -f "${SYSCONFDIR}/ssh_host_key" ] then csih_inform "Generating ${SYSCONFDIR}/ssh_host_key" - ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null + if ! /usr/bin/ssh-keygen -t rsa1 -f ${SYSCONFDIR}/ssh_host_key -N '' > /dev/null + then + csih_warning &quo...

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Hello, I read and find a way (well, there seems to be several equal implementations) to collect the ssh keys of machines. However they all give only the choice to choose between the key formats. But is there a way to collect both keys of a machine, the rsa _and_ the dss key (and maybe the rsa1 too)? I didn''t find a way to solve this as

ine-imac-andy:~ andy$ ssh 141.52.135.21 @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that a host key has just been

...3.1p1. But it is giving "Bad packet length" error when I run sshd with default config file. On further investigation I found that the error is coming only for the cipher algorithm "aes128-cbc". Also the error comes only when I don't specify any protocol file (/usr/local/etc/ssh_host_[rd]sa_key) or specify only "protocol 2" files. I tried all other cipher algorithms with the "-c" option and it works fine with them. I also changed the sshd config file (/usr/local/etc/sshd_config in my case), and it again worked fine when "aes128-cbc" was not include...