01-25-2014
He should also be able to look at the NFS logfile (syslogd) for clues if your "df -k" test on the destination filesystem shows it is causing part of the problem.
Again, when we read the ssh -vvv output in the well written post above, it seems quite obvious the process is hanging trying to read a good key file, over and over. again. There are myriad entries of this key read failure.
Frankly, I'm not sure (of the logic of) why a set of ssh keys for a server would be remotely hosted on another server. If sshd was configured to be dependent on a remote server, then any network problem could cause sshd problems and, in turn, problems logging in to debug; which is the last thing a system admin would desire.
4 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
1 . Thanks everyone who read the post first.
2 . I have a log file which size is 143M , I can not use vi open it .I can not use xedit open it too.
How to view it ?
If I want to view 200-300 ,how can I implement it
3 . Thanks (3 Replies)
Discussion started by: chenhao_no1
3 Replies
2. UNIX for Dummies Questions & Answers
I have a 5000 line config.log file with several "maybe" errors. Any reccomendations on finding solvable problems? (2 Replies)
Discussion started by: NeedLotsofHelp
2 Replies
3. Shell Programming and Scripting
How to repeat the execution of a simple command like the following for 1 sec ?
echo Hi
The completion time for the command is not known, but we need to calculate the number of times this commans executes successfully within 1 sec.
Thanks
Kumarjit (5 Replies)
Discussion started by: kumarjt
5 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I got following problem I want to use encrypted password and login for my script for oracle DB.
#This was created with echo "login" | openssl enc -base64 and echo "password" | openssl enc -base64
login= bG9naW4K
passwd= cGFzc3dvcmQK
Im using following... (4 Replies)
Discussion started by: kvok
4 Replies
LEARN ABOUT FREEBSD
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication with
SSH protocol version 2.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_ed25519_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
December 7, 2013 BSD