Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Host key verification failed in openssh
Top Forums UNIX for Dummies Questions & Answers Host key verification failed in openssh Post 302457527 by rprajendran on Tuesday 28th of September 2010 08:15:14 AM
Old 09-28-2010
Host key verification failed in openssh
Experts,

We are trying to make a key-based authentication from Server A to Server B.
Server A is installed with openshh. Server B runs "Sun_SSH_1.1".
Server A's rsa2 public key has been added into the server B's authorized_keys.
We are sure that permission settings of the files and folders in server A and Server B are correct.
But when we try to establish SFTP connection from Server B to Server A, we are getting the below error (snippet from -vvv mode logs)

debug3: check_host_in_hostfile: filename /home/serverb/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/serverb/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/serverb/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host servera.test.com
debug3: check_host_in_hostfile: filename /home/serverb/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /home/serverb/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 2 for host servera.test.com
Host key verification failed.

When connecting ServerB is not prompting for the adding the key of ServerA in known_hosts file of serverB. We are not sure why this happens.
We deleted the known_hosts file from ServerB and tried connecting, but no help Smilie

Can you please help on this?
Last edited by rprajendran; 09-28-2010 at 09:32 AM..
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Signiture verification failed

Hello, I am new to Solaris. I've installed Solaris 10.0 and trying to apply all patches. On Java Desktop, I've applied almost all patches but some of patches should be applied manually on the command line. The patches -should be applied manually on terminal- are downloaded by Sun Update... (1 Reply)
Discussion started by: XNOR
1 Replies

2. AIX

installp -C error: 'bosboot verification failed'

Hi, I'm a noob with AIX, can anybody help me solve this issue I'm stuck with on an 5.3 box. bash# installp -C 0503-409 installp: bosboot verification starting... 0503-497 installp: An error occurred during bosboot verification processing. Thanks. (4 Replies)
Discussion started by: thebytegrill
4 Replies

3. Solaris

Please help me.. connection failed between OpenSSH-3.8.1 to Sun SSH-1.1

hi All, We tried to establish a connection from OpenSSH3.8.1 running on Windows Box to SunSSH-1.1 running on Solaris 10. Please see the debug statements. C:\Documents and Settings\sadmin\.ssh>ssh sadmin@10.4.3.8 -v -v -v OpenSSH_3.8.1p1, OpenSSL 0.9.7d 17 Mar 2004 debug1: Reading... (2 Replies)
Discussion started by: venusunil
2 Replies

4. Shell Programming and Scripting

Host Key verification failed

Hi, I am running a script to scp a file from one server to another. I have created the public/private key and copied the public key to the other server and appended it to authorized_key file. But i am getting the error message saying "Host Key verification failed" Connection lost. It works well... (3 Replies)
Discussion started by: ahamed
3 Replies

5. Solaris

Need to recover/move diskgroup from failed host to another host

Hi All I am having VxVm on two Solaris hosts. host1 is using disk group dgHR. right now this server went down due to hardware fault. Not I need to import this dgHR into host2 server. Please let me know the procedure for the same. (1 Reply)
Discussion started by: amity
1 Replies

6. Red Hat

Converting SUN_SSH public key to openssh format

Hi Can someone please suggest how to convert this SUN_SSH public key to openssh key. I have converted few ssh2 public keys to openssh key, for passwordless authentication. I am not sure which version of sun_ssh is, here is the o/p $ ssh -V Sun_SSH_1.1.2, SSH protocols 1.5/2.0, OpenSSL... (1 Reply)
Discussion started by: bobby320
1 Replies

7. Red Hat

Installing OPENSSH 6.2P2 on RHEL 4, 64B failed

make: Leaving directory `/u01/openssh-6.2p2/openbsd-compat' gcc -g -O2 -Wall -Wpointer-arith -Wuninitialized -Wsign-compare -Wformat-security -fno-strict-aliasing -D_FORTIFY_SOURCE=2 -fno-builtin-memset -std=gnu99 -I. -I. -DSSHDIR=\"/usr/local/etc\" - D_PATH_SSH_PROGRAM=\"/usr/local/bin/ssh\"... (0 Replies)
Discussion started by: scao
0 Replies

8. AIX

Ping to remote host failed

Actually. I was getting a ping to remote host failed for one of my etherchannel. When I checked it was in backup adapter and again I use to faileover and brought to primary channel. But it was again going to backup channel and giving me the alert ping to remotehost failed. When I checked the load... (3 Replies)
Discussion started by: Mohamed Thamim
3 Replies

9. AIX

Openssh install failed on AIX 6.1

im new to aix... my task is suppose to be simple. install openssh i followed this article: Installing OpenSSH and OpenSSL on AIX 6.1 | Keymon's snippets and brushstrokes when i try to start the sshd service with the command: "startsrc -s sshd" im getting an error saying: "the sshd subsystem... (6 Replies)
Discussion started by: guy3145
6 Replies

10. UNIX for Beginners Questions & Answers

Host key verification failed error

HI i am getting host key verification failed error. # cat id_rsa.pub | ssh root@10.110.51.245 'cat >> .ssh/authorized_keys;exit;' cat: id_rsa.pub: No such file or directory @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! ... (3 Replies)
Discussion started by: scriptor
3 Replies

LEARN ABOUT REDHAT

ssh-keyscan

SSH-KEYSCAN(1)						    BSD General Commands Manual 					    SSH-KEYSCAN(1)

NAME

     ssh-keyscan -- gather ssh public keys

SYNOPSIS

     ssh-keyscan [-v46] [-p port] [-T timeout] [-t type] [-f file] [host | addrlist namelist] [...]

DESCRIPTION

     ssh-keyscan is a utility for gathering the public ssh host keys of a number of hosts.  It was designed to aid in building and verifying
     ssh_known_hosts files.  ssh-keyscan provides a minimal interface suitable for use by shell and perl scripts.

     ssh-keyscan uses non-blocking socket I/O to contact as many hosts as possible in parallel, so it is very efficient.  The keys from a domain
     of 1,000 hosts can be collected in tens of seconds, even when some of those hosts are down or do not run ssh.  For scanning, one does not
     need login access to the machines that are being scanned, nor does the scanning process involve any encryption.

     The options are as follows:

     -p port
	     Port to connect to on the remote host.

     -T timeout
	     Set the timeout for connection attempts.  If timeout seconds have elapsed since a connection was initiated to a host or since the
	     last time anything was read from that host, then the connection is closed and the host in question considered unavailable.  Default
	     is 5 seconds.

     -t type
	     Specifies the type of the key to fetch from the scanned hosts.  The possible values are ``rsa1'' for protocol version 1 and ``rsa''
	     or ``dsa'' for protocol version 2.  Multiple values may be specified by separating them with commas.  The default is ``rsa1''.

     -f filename
	     Read hosts or addrlist namelist pairs from this file, one per line.  If - is supplied instead of a filename, ssh-keyscan will read
	     hosts or addrlist namelist pairs from the standard input.

     -v      Verbose mode.  Causes ssh-keyscan to print debugging messages about its progress.

     -4      Forces ssh-keyscan to use IPv4 addresses only.

     -6      Forces ssh-keyscan to use IPv6 addresses only.

SECURITY

     If a ssh_known_hosts file is constructed using ssh-keyscan without verifying the keys, users will be vulnerable to attacks.  On the other
     hand, if the security model allows such a risk, ssh-keyscan can help in the detection of tampered keyfiles or man in the middle attacks which
     have begun after the ssh_known_hosts file was created.

EXAMPLES

     Print the rsa1 host key for machine hostname:

     $ ssh-keyscan hostname

     Find all hosts from the file ssh_hosts which have new or different keys from those in the sorted file ssh_known_hosts:

     $ ssh-keyscan -t rsa,dsa -f ssh_hosts | 
	     sort -u - ssh_known_hosts | diff ssh_known_hosts -

FILES

     Input format:

     1.2.3.4,1.2.4.4 name.my.domain,name,n.my.domain,n,1.2.3.4,1.2.4.4

     Output format for rsa1 keys:

     host-or-namelist bits exponent modulus

     Output format for rsa and dsa keys:

     host-or-namelist keytype base64-encoded-key

     Where keytype is either ``ssh-rsa'' or ``ssh-dsa''.

     /etc/ssh/ssh_known_hosts

BUGS

     It generates "Connection closed by remote host" messages on the consoles of all the machines it scans if the server is older than version
     2.9.  This is because it opens a connection to the ssh port, reads the public key, and drops the connection as soon as it gets the key.

SEE ALSO

     ssh(1), sshd(8)

AUTHORS

     David Mazieres <dm@lcs.mit.edu> wrote the initial version, and Wayne Davison <wayned@users.sourceforge.net> added support for protocol ver-
     sion 2.

BSD
								  January 1, 1996							       BSD
All times are GMT -4. The time now is 07:40 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy