HPE Community
Operating System - HP-UX
1752292 Members
4621 Online
108786 Solutions
New Discussion юеВ

Re: Host key verification failed.

 
SOLVED
Go to solution
Bob Manocchia
Regular Advisor

тАО02-09-2010 07:07 AM

тАО02-09-2010 07:07 AM

Re: Host key verification failed.

I renamed the /root/.ssh/known_hosts file on server2. There is no known_hosts file on server1. I then did ssh bmanocc@server2 and I get the same error.
0 Kudos
Steven Schweda
Honored Contributor

тАО02-09-2010 07:07 AM

тАО02-09-2010 07:07 AM

Re: Host key verification failed.

> HP-UX Secure Shell-A.04.00.000, HP-UX Secure Shell version

Not the latest version available, by the way.

http://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA

> debug2: no key of type 0 for host server2

> debug2: no key of type 2 for host server2

Apparently, you don't have host key data for
server2 in any of the expected host key data
files.

> Try removing [...]

If it's there.

Normally, the SSH client is configured to
import a missing host key the first time a
user tries to connect to a server. Looks
like this:

[...]
Host key not found from the list of known hosts.
Are you sure you want to continue connecting (yes/no)?
[...]

There's an option in the SSH client
configuration file(s) ("~/.ssh/config",
"/opt/ssh/etc/ssh_config", ... ?) which will
disable this sort of automatic host key
handling. "man ssh_config", look for
"StrictHostKeyChecking", then look at your
SSH client configuration file(s) to see if
that's set to "yes". Enabling sloppy host
key checking ("ask" is probably a little
safer than "no") might be good. Otherwise,
someone needs to add the new host key(s)
manually to a known-keys file for every new
server.

> I can run sftp from server2 to server1 ok
> but not from server1 to server2.

And did you compare the "-v[vv]" transcripts
for the two directions? (I see only one.)
0 Kudos
Steven Schweda
Honored Contributor

тАО02-09-2010 07:31 AM

тАО02-09-2010 07:31 AM

Re: Host key verification failed.

> One more question. Do I remove the entry
> from the know_hosts file on
> server1(originating ssh) or on server2
> (destination for the ssh command)

known_hosts data are kept on the SSH client,
and describe the servers to which that client
has connected or may connect.

You might also compare file/directory
ownership and permissions between the two
systems. I know nothing, but perhaps the SSH
client ignores known_hosts files which it
can't read, or which anyone on the planet can
write.
0 Kudos
Steven Schweda
Honored Contributor

тАО02-09-2010 07:39 AM

тАО02-09-2010 07:39 AM

Re: Host key verification failed.

> There is no known_hosts file on server1.

You do have write permission in your own
"~/.ssh" directory, right?

Can you do ssh from server1 to server1? (I
assume that server2 to server2 works.) Or
server1 to anywhere? Depending on that SSH
client configuration option, I'd expect the
SSH client to create a local known_hosts file
the first time it gets close to connecting to
any other system.
0 Kudos
Bob Manocchia
Regular Advisor

тАО02-09-2010 07:54 AM

тАО02-09-2010 07:54 AM

Re: Host key verification failed.

I installed the latest version of Secure Shell and it works fine in all directions.
I have assigned points. Thanks for all your help.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.