Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SSH2 - signature didn't match with host key
Operating Systems HP-UX SSH2 - signature didn't match with host key Post 302842703 by Stars on Friday 9th of August 2013 05:19:46 PM
Old 08-09-2013
Question SSH2 - signature didn't match with host key
I am trying to complete ssh2 connection between HP-UX and CoreFTP. The host key authentication fails with signature didn't match. See below output. I can connect to this CoreFTP from my Windows desktop, and connect to a multitude of other servers from the HP-UX system as well, but have encountered this error on this particular connection.
Code:
debug: Remote version: SSH-2.0-CoreFTP-0.3.2
debug: Ssh2Transport/trcommon.c:1397: lang s to c: `', lang c to s: `'
debug: Ssh2Transport/trcommon.c:1462: c_to_s: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: Ssh2Transport/trcommon.c:1465: s_to_c: cipher aes128-cbc, mac hmac-sha1, 
compression none
debug: SshKeyFile/sshkeyfile.c:362: file /xxxx/xxxx/.ssh2/hostkeys/key_22_70
.109.223.36.pub does not exist.
debug: SshKeyFile/sshkeyfile.c:362: file /etc/ssh2/hostkeys/key_22_11.222.333.44
.pub does not exist.
Host key not found from database.
Key fingerprint:
xonjjj-beaas-cccel-vrrab-cyhyr-fdlab-tbtez-pjkiz-fsryn-licwl-hjxax
You can get a public key's fingerprint by running
% ssh-keygen -F publickey.pub
on the keyfile.
Are you sure you want to continue connecting (yes/no)? yes
Host key saved to /xxxx/xxxx/.ssh2/hostkeys/key_22_11.222.333.44.pub
host key for 11.222.333.44, accepted by xxxx Mon Jul 29 2013 14:05:53 -0500
debug: SshProtoTrKex/trkex.c:569: Signature didn't match.
debug: Ssh2Common/sshcommon.c:169: DISCONNECT received: Key exchange failed.
debug: SshReadLine/sshreadline.c:2245: Uninitializing ReadLine...
debug: Ssh2/ssh2.c:685: Returning user input stream to original values.
warning: Authentication failed.
Disconnected; key exchange or algorithm negotiation failed (Key exchange failed.
).
Sftp2/sftp2.c:3965: buffer: 'AUTHENTICATED NO

Has anyone encountered this and have a resolution. Thx.
Last edited by Scott; 08-10-2013 at 02:29 AM.. Reason: Code tags
 

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

RSA host key addition

Guys How do i add RSA key for a host ? I was able to connect to a host some time back but now its not connectable ,via SSH. Message i get is : abhi@myHost:~/.ssh> ssh eatcid@yourHost @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION... (3 Replies)
Discussion started by: ak835
3 Replies

2. Shell Programming and Scripting

Host Key verification failed

Hi, I am running a script to scp a file from one server to another. I have created the public/private key and copied the public key to the other server and appended it to authorized_key file. But i am getting the error message saying "Host Key verification failed" Connection lost. It works well... (3 Replies)
Discussion started by: ahamed
3 Replies

3. UNIX for Dummies Questions & Answers

host key issue via java

Hi, I am encountering below mentioned exception when I execute my Java program that is supposed to SFTP the file from one server over to another. Can you please tell me some pointers to resolve this issue? Exception HostName- 10.1.1.1 ; userName- bmsftp log4j:WARN No appenders could be... (0 Replies)
Discussion started by: prashant.ladha
0 Replies

4. UNIX for Dummies Questions & Answers

Host key verification failed in openssh

Experts, We are trying to make a key-based authentication from Server A to Server B. Server A is installed with openshh. Server B runs "Sun_SSH_1.1". Server A's rsa2 public key has been added into the server B's authorized_keys. We are sure that permission settings of the files and folders in... (1 Reply)
Discussion started by: rprajendran
1 Replies

5. Cybersecurity

Request for SSH2 public key

Hey all, I have a request from a third party that will be setting my firm up for an account so we can sftp files to their server in a Production environment. I know where the public keys are located on our Red Hat Linux envronment. I was going to ftp the keys from the Linux environment over to my... (2 Replies)
Discussion started by: dfb500
2 Replies

6. Shell Programming and Scripting

Script to check if host key authentication is setup

Hey all, I have a script that I use for some automated installs. Unfortunately for the script to work the server that it's running from needs to have host-key authentication setup to the target server. If it isn't setup beforehand and the script is executed the install partially completes and... (1 Reply)
Discussion started by: Rike255
1 Replies

7. Solaris

Ssh between servers - No DSA host key is known

It seems I can do ssh <IP> but not ssh <hostname> If I try to ssh to hostname I get the error - No DSA host key is known for host1 and you have requested strict checking. Host key verification failed. Where do I set up the DSA keys? Is it ssh_known_hosts? Assume afterwards I can... (3 Replies)
Discussion started by: psychocandy
3 Replies

8. UNIX for Advanced & Expert Users

Ssh2 key has been overwritten, need a way to restore

I had generated a ssh2 key on my AIX box, to receive files from other AIX and Linux systems. Key Name: id_ssh2_server.pub However this ssh2 key (both public and private keys) has been overwritten, while I was generating another ssh2 key. Now the earlier configured target systems are not able... (3 Replies)
Discussion started by: freakygs
3 Replies

9. UNIX for Beginners Questions & Answers

Host key verification failed error

HI i am getting host key verification failed error. # cat id_rsa.pub | ssh root@10.110.51.245 'cat >> .ssh/authorized_keys;exit;' cat: id_rsa.pub: No such file or directory @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! ... (3 Replies)
Discussion started by: scriptor
3 Replies

10. Solaris

Change from weak ssh host key to strong one

Hi, I got instructions from Security audit team for Solaris-10 server. They mentioned - "The sshd configuration on the host supported weak host keys and allowed password authentication on Solaris server. Enable stronger keys (2048 or 4096 bit)". I am not clear enough, what they mean by weak... (7 Replies)
Discussion started by: solaris_1977
7 Replies

LEARN ABOUT PHP

ssh2_connect

SSH2_CONNECT(3) 							 1							   SSH2_CONNECT(3)

ssh2_connect - Connect to an SSH server

SYNOPSIS

       resource ssh2_connect (string  $host, [int  $port = 22], [array	$methods], [array  $callbacks])

DESCRIPTION

	Establish a connection to a remote SSH server.

	Once connected, the client should verify the server's hostkey using ssh2_fingerprint(3), then authenticate using either password or public
       key.

PARAMETERS

	      o $host
		-

	      o $port
		-

	      o $methods
		-$methods may be an associative array with up to four parameters as described below.

	      $methods may be an associative array with any or all of the following parameters.

	       * - Supported Values are dependent on methods supported by underlying library. See libssh2 documentation  for  additional  informa-
	      tion.

	      $client_to_server and $server_to_client may be an associative array with any or all of the following parameters.

	      +------+--------------------------------------+---+
	      |Index |					    |	|
	      |      |					    |	|
	      |      |		     Meaning		    |	|
	      |      |					    |	|
	      |      |		Supported Values*	    |	|
	      |      |					    |	|
	      +------+--------------------------------------+---+
	      |crypt |					    |	|
	      |      |					    |	|
	      |      | List of crypto methods to advertise, |	|
	      |      | comma separated in order of  prefer- |	|
	      |      | ence.				    |	|
	      |      |					    |	|
	      |      |					    |	|
	      |      | rijndael-cbc@lysator.liu.se,	    |	|
	      |      | aes256-cbc, aes192-cbc,	aes128-cbc, |	|
	      |      | 3des-cbc, blowfish-cbc, cast128-cbc, |	|
	      |      | arcfour, and none**		    |	|
	      |      |					    |	|
	      |comp  |					    |	|
	      |      |					    |	|
	      |      | List  of  compression   methods	 to |	|
	      |      | advertise,  comma separated in order |	|
	      |      | of preference.			    |	|
	      |      |					    |	|
	      |      |					    |	|
	      |      |		  zlib and none 	    |	|
	      |      |					    |	|
	      | mac  |					    |	|
	      |      |					    |	|
	      |      | List of MAC  methods  to  advertise, |	|
	      |      | comma  separated in order of prefer- |	|
	      |      | ence.				    |	|
	      |      |					    |	|
	      |      |					    |	|
	      |      | hmac-sha1,    hmac-sha1-96,    hmac- |	|
	      |      | ripemd160,		      hmac- |	|
	      |      | ripemd160@openssh.com, and none**    |	|
	      |      |					    |	|
	      +------+--------------------------------------+---+
	      Note

		     Crypt and MAC method " none"

		      For security reasons, none is disabled by the underlying libssh2 library unless explicitly  enabled  during  build  time	by
		     using the appropriate ./configure options. See documentation for the underlying library for more information.

	      o $callbacks
		-$callbacks may be an associative array with any or all of the following parameters.

	       Callbacks parameters

	      +-----------+--------------------------------------+---+
	      |  Index	  |					 |   |
	      | 	  |					 |   |
	      | 	  |		  Meaning		 |   |
	      | 	  |					 |   |
	      | 	  |		 Prototype		 |   |
	      | 	  |					 |   |
	      +-----------+--------------------------------------+---+
	      |  ignore   |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name  of  function  to call when an |   |
	      | 	  | SSH2_MSG_IGNORE packet is received	 |   |
	      | 	  |					 |   |
	      | 	  |	  void ignore_cb($message)	 |   |
	      | 	  |					 |   |
	      |  debug	  |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name of function to  call	when  an |   |
	      | 	  | SSH2_MSG_DEBUG packet is received	 |   |
	      | 	  |					 |   |
	      | 	  | void  debug_cb($message,  $language, |   |
	      | 	  | $always_display)			 |   |
	      | 	  |					 |   |
	      | macerror  |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name of function  to  call  when  a |   |
	      | 	  | packet  is	received but the message |   |
	      | 	  | authentication code failed.  If  the |   |
	      | 	  | callback  returns TRUE, the mismatch |   |
	      | 	  | will be ignored, otherwise the  con- |   |
	      | 	  | nection will be terminated. 	 |   |
	      | 	  |					 |   |
	      | 	  |	 bool macerror_cb($packet)	 |   |
	      | 	  |					 |   |
	      |disconnect |					 |   |
	      | 	  |					 |   |
	      | 	  |  Name  of  function  to call when an |   |
	      | 	  | SSH2_MSG_DISCONNECT    packet     is |   |
	      | 	  | received				 |   |
	      | 	  |					 |   |
	      | 	  | void   disconnect_cb($reason,  $mes- |   |
	      | 	  | sage, $language)			 |   |
	      | 	  |					 |   |
	      +-----------+--------------------------------------+---+
RETURN VALUES

	Returns a resource on success, or FALSE on error.

EXAMPLES

       Example #1

	      ssh2_connect(3) example

	       Open a connection forcing 3des-cbc when sending packets, any strength aes cipher when receiving packets, no compression	in  either
	      direction, and Group1 key exchange.

	      <?php
	      /* Notify the user if the server terminates the connection */
	      function my_ssh_disconnect($reason, $message, $language) {
		printf("Server disconnected with reason code [%d] and message: %s
",
		       $reason, $message);
	      }

	      $methods = array(
		'kex' => 'diffie-hellman-group1-sha1',
		'client_to_server' => array(
		  'crypt' => '3des-cbc',
		  'comp' => 'none'),
		'server_to_client' => array(
		  'crypt' => 'aes256-cbc,aes192-cbc,aes128-cbc',
		  'comp' => 'none'));

	      $callbacks = array('disconnect' => 'my_ssh_disconnect');

	      $connection = ssh2_connect('shell.example.com', 22, $methods, $callbacks);
	      if (!$connection) die('Connection failed');
	      ?>

SEE ALSO

       ssh2_fingerprint(3), ssh2_auth_none(3), ssh2_auth_password(3), ssh2_auth_pubkey_file(3).

PHP Documentation Group 													   SSH2_CONNECT(3)
All times are GMT -4. The time now is 11:16 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy