From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from pigeon.gentoo.org ([208.92.234.80] helo=lists.gentoo.org) by finch.gentoo.org with esmtp (Exim 4.60) (envelope-from ) id 1PsfwL-0005nZ-I7 for garchives@archives.gentoo.org; Thu, 24 Feb 2011 18:29:25 +0000 Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id A8D091C07C for ; Thu, 24 Feb 2011 18:29:24 +0000 (UTC) Received: from mta4.srv.hcvlny.cv.net (mta4.srv.hcvlny.cv.net [167.206.4.199]) by pigeon.gentoo.org (Postfix) with ESMTP id 9D23BE079C for ; Thu, 24 Feb 2011 18:09:34 +0000 (UTC) Received: from [192.168.0.4] (ool-43505ef2.dyn.optonline.net [67.80.94.242]) by mta4.srv.hcvlny.cv.net (Sun Java System Messaging Server 6.2-8.04 (built Feb 28 2007)) with ESMTP id <0LH4005LKVRWRC90@mta4.srv.hcvlny.cv.net> for gentoo-user@lists.gentoo.org; Thu, 24 Feb 2011 13:09:33 -0500 (EST) Date: Thu, 24 Feb 2011 13:09:22 -0500 From: dhk Subject: Re: [gentoo-user] ssh problem In-reply-to: To: gentoo-user@lists.gentoo.org Message-id: <4D669ED2.2060108@optonline.net> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7BIT X-Enigmail-Version: 1.1.2 References: <4D63A165.4000007@optonline.net> <20110223084613.833972569@data.antarean.org> <4D665A51.7050304@optonline.net> User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20110105 Lightning/1.0b3pre Thunderbird/3.1.7 X-Archives-Salt: X-Archives-Hash: 59005c6233c839c5a5d30b274d8977d1 On 02/24/2011 08:53 AM, Mick wrote: > On 24 February 2011 13:17, dhk wrote: >> On 02/23/2011 03:42 AM, Joost Roeleveld wrote: >>> On Tuesday 22 February 2011 14:51:31 Mick wrote: >>>> On 22 February 2011 14:19, wrote: >>>>> ----- Original Message ----- >>>>> From: Mick >>>>> >>>>>> There was a change in the default ssh encryption algorithm. You may >>>>>> want to check if that is causing the problem. >>>>> >>>>> How would I do that? >>>> >>>> By examining your config files? Previously your keys would be in >>>> ~/.ssh/id_dsa[rsa].pub, but now with ECDSA being the default they >>>> would be in ~/.ssh/id_ecdsa.pub >>>> >>>> I recall something being mentioned in the elog asking to regenerate >>>> the key-pair. >>>> >>>> HTH. >>> >>> If this is the case, you could try speciying your key on the command-line >>> using the "-i" flag: >>> >>> # ssh -i .ssh/id_dsa.pub >>> >>> Replace the file with the one on your machine. >>> >>> HTH, >>> >>> Joost >>> >>> >> >> I still haven't gotten this to work. Am I the only one using this? The >> "ssh -i .ssh/id_dsa.pub host" didn't work. I get a message "Read from >> socket failed: Connection reset by peer" with or without the -i option. >> >> When I re-emerged openssh the following output is displayed. >> >> # emerge openssh >> Calculating dependencies... done! >>>>> Verifying ebuild manifests >>>>> Emerging (1 of 1) net-misc/openssh-5.8_p1-r1 >>>>> Installing (1 of 1) net-misc/openssh-5.8_p1-r1 >>>>> Jobs: 1 of 1 complete Load avg: 2.80, >> 1.95, 1.43 >> >> * Messages for package net-misc/openssh-5.8_p1-r1: >> >> * Starting with openssh-5.8p1, the server will default to a newer key >> * algorithm (ECDSA). You are encouraged to manually update your stored >> * keys list as servers update theirs. See ssh-keyscan(1) for more info. >> * Remember to merge your config files in /etc/ssh/ and then >> * reload sshd: '/etc/init.d/sshd reload'. >> * Please be aware users need a valid shell in /etc/passwd >> * in order to be allowed to login. >>>>> Auto-cleaning packages... >> >>>>> No outdated packages were found on your system. >> >> * GNU info directory index is up-to-date. >> >> The ssh-keyscan man page hasn't helped. >> >> As of now I can only log in from older systems. > > This would imply that your older (rsa/dsa) server keys still work. > > What have you changed on your Gentoo client? > > Have you tried using ssh user@host to login with? At first all I did was an update: emerge -uDN world . They when it didn't work I removed all public and private keys and restarted sshd. That didn't work then I tried the ssh-keygen and ssh-keyscan. That didn't work so I removed all keys again and restarted sshd. Are there ssh_config or sshd_config options that should be set? Thanks, dhk