Login or Register to Ask a Question and Join Our Community


HP-UX

SSH2 - signature didn't match with host key

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems HP-UX SSH2 - signature didn't match with host key
# 1  
Old 08-09-2013
Question SSH2 - signature didn't match with host key
I am trying to complete ssh2 connection between HP-UX and CoreFTP. The host key authentication fails with signature didn't match. See below output. I can connect to this CoreFTP from my Windows desktop, and connect to a multitude of other servers from the HP-UX system as well, but have encountered this error on this particular connection.
Code:
debug: Remote version: SSH-2.0-CoreFTP-0.3.2
debug: Ssh2Transport/trcommon.c:1397: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1462: c_to_s: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: Ssh2Transport/trcommon.c:1465: s_to_c: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: SshKeyFile/sshkeyfile.c:362: file /xxxx/xxxx/.ssh2/hostkeys/key_22_70
.109.223.36.pub does not exist.
debug: SshKeyFile/sshkeyfile.c:362: file /etc/ssh2/hostkeys/key_22_11.222.333.44
.pub does not exist.
Host key not found from database.
Key fingerprint:
xonjjj-beaas-cccel-vrrab-cyhyr-fdlab-tbtez-pjkiz-fsryn-licwl-hjxax
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes
Host key saved to /xxxx/xxxx/.ssh2/hostkeys/key_22_11.222.333.44.pub
host key for 11.222.333.44, accepted by xxxx Mon Jul 29 2013 14:05:53 -0500
debug: SshProtoTrKex/trkex.c:569: Signature didn't match.
debug: Ssh2Common/sshcommon.c:169: DISCONNECT received: Key exchange failed.
debug: SshReadLine/sshreadline.c:2245: Uninitializing ReadLine...
debug: Ssh2/ssh2.c:685: Returning user input stream to original values.
warning: Authentication failed.
Disconnected; key exchange or algorithm negotiation failed (Key exchange failed.
).
Sftp2/sftp2.c:3965: buffer: 'AUTHENTICATED NO

Has anyone encountered this and have a resolution. Thx.
Last edited by Scott; 08-10-2013 at 02:29 AM.. Reason: Code tags
# 2  
Old 08-09-2013
The problem is in the ./ssh/known_hosts file for the user running the process (the one initiating)

Whenever you contact a host for the first time. ssh protocol asks for verification, then stores the remote key in the above file.

Code:
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
a7:a8:f2:97:94:33:58:b7:9d:bc:e0:a6:6b:f7:0a:29.
Please contact your system administrator.
Add correct host key in /home/your name goes here/.ssh/known_hosts to get rid of this message.
Offending key in /home/[yourname goes here]/.ssh/known_hosts: 6
Permission denied (publickey,password).

You have to remove the key to proceed further. Use the following command to remove the offending key:

Code:
# sed  '6d' ~/.ssh/known_hosts > tmp
   mv tmp ~/.ssh/known_hosts
   chmod 600 ~/.ssh/known_hosts

6d is the line number shown in message you get. 6d means delete line 6. The examples are bash/ksh.
# 3  
Old 08-12-2013
Thank you for your reply.
The host key downloads to the hostkeys directory. I can remove it and have it download again upon next connection, but the same "Signature didn't match" issue occurs.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. Solaris

Change from weak ssh host key to strong one

Hi, I got instructions from Security audit team for Solaris-10 server. They mentioned - "The sshd configuration on the host supported weak host keys and allowed password authentication on Solaris server. Enable stronger keys (2048 or 4096 bit)". I am not clear enough, what they mean by weak... (7 Replies)
Discussion started by: solaris_1977
7 Replies

2. UNIX for Beginners Questions & Answers

Host key verification failed error

HI i am getting host key verification failed error. # cat id_rsa.pub | ssh root@10.110.51.245 'cat >> .ssh/authorized_keys;exit;' cat: id_rsa.pub: No such file or directory @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! ... (3 Replies)
Discussion started by: scriptor
3 Replies

3. UNIX for Advanced & Expert Users

Ssh2 key has been overwritten, need a way to restore

I had generated a ssh2 key on my AIX box, to receive files from other AIX and Linux systems. Key Name: id_ssh2_server.pub However this ssh2 key (both public and private keys) has been overwritten, while I was generating another ssh2 key. Now the earlier configured target systems are not able... (3 Replies)
Discussion started by: freakygs
3 Replies

4. Solaris

Ssh between servers - No DSA host key is known

It seems I can do ssh <IP> but not ssh <hostname> If I try to ssh to hostname I get the error - No DSA host key is known for host1 and you have requested strict checking. Host key verification failed. Where do I set up the DSA keys? Is it ssh_known_hosts? Assume afterwards I can... (3 Replies)
Discussion started by: psychocandy
3 Replies

5. Shell Programming and Scripting

Script to check if host key authentication is setup

Hey all, I have a script that I use for some automated installs. Unfortunately for the script to work the server that it's running from needs to have host-key authentication setup to the target server. If it isn't setup beforehand and the script is executed the install partially completes and... (1 Reply)
Discussion started by: Rike255
1 Replies

6. Cybersecurity

Request for SSH2 public key

Hey all, I have a request from a third party that will be setting my firm up for an account so we can sftp files to their server in a Production environment. I know where the public keys are located on our Red Hat Linux envronment. I was going to ftp the keys from the Linux environment over to my... (2 Replies)
Discussion started by: dfb500
2 Replies

7. UNIX for Dummies Questions & Answers

Host key verification failed in openssh

Experts, We are trying to make a key-based authentication from Server A to Server B. Server A is installed with openshh. Server B runs "Sun_SSH_1.1". Server A's rsa2 public key has been added into the server B's authorized_keys. We are sure that permission settings of the files and folders in... (1 Reply)
Discussion started by: rprajendran
1 Replies

8. UNIX for Dummies Questions & Answers

host key issue via java

Hi, I am encountering below mentioned exception when I execute my Java program that is supposed to SFTP the file from one server over to another. Can you please tell me some pointers to resolve this issue? Exception HostName- 10.1.1.1 ; userName- bmsftp log4j:WARN No appenders could be... (0 Replies)
Discussion started by: prashant.ladha
0 Replies

9. Shell Programming and Scripting

Host Key verification failed

Hi, I am running a script to scp a file from one server to another. I have created the public/private key and copied the public key to the other server and appended it to authorized_key file. But i am getting the error message saying "Host Key verification failed" Connection lost. It works well... (3 Replies)
Discussion started by: ahamed
3 Replies

10. UNIX for Advanced & Expert Users

RSA host key addition

Guys How do i add RSA key for a host ? I was able to connect to a host some time back but now its not connectable ,via SSH. Message i get is : abhi@myHost:~/.ssh> ssh eatcid@yourHost @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION... (3 Replies)
Discussion started by: ak835
3 Replies
Login or Register to Ask a Question