search for: ssh_host_ed25519

.../usr/local/libexec/ssh-keysign* > > ls -al /usr/local/etc/ssh/ssh.client.ed25519* > -rw-------+ 1 root root 517 May 9 2014 /usr/local/etc/ssh/ssh.client.ed25519 > -rw-r--r--+ 1 root root 107 May 9 2014 /usr/local/etc/ssh/ssh.client.ed25519.pub > Err, those _should_ be ssh_host_ed25519 and ssh_host_ed25519.pub. > > server > > ls -al /usr/local/libexec/ssh-keysign > -rwsr-xr-x+ 1 root root 455K Oct 11 06:51 /usr/local/libexec/ssh-keysign* > > ls -al /usr/local/etc/ssh/ssh.server.ed25519* > -rw-------+ 1 root root 464 May 10 2014 /usr/local/et...

...ssh-keysign executable and grep for ssh_host ed25519 to confirm the expected location for the host key. Make sure that the key can be found in the expected location, and that the public key is world-readable, but that the private key is readable only by root. Note, if you do not see a reference to ssh_host_ed25519 in the above strings output, the ssh-keysign executable is from an older distribution that does not support ED25519. Given that possibility, you might try adding the ECDSA key for the client to the ssh_known_hosts file on the server. -- Iain Morgan

I run OpenSSH on linux @ client which ssh /usr/local/bin/ssh ssh -v OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 @ server which sshd /usr/local/bin/sshd sshd -v unknown option -- V OpenSSH_6.7p1, OpenSSL 1.0.1j 15 Oct 2014 usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file] [-E log_file] [-f config_file] [-g login_grace_time]

Hi, On Fri, Jan 9, 2015, at 10:48 AM, Tim Rice wrote: > My ssh_config has > Host * > HostbasedAuthentication yes > EnableSSHKeysign yes > NoHostAuthenticationForLocalhost yes > > NoHostAuthenticationForLocalhost is not necessary. > The one you are missing is EnableSSHKeysign. > > Additionally, you made no mention of your ssh_known_hosts files. Make > sure