| View previous topic :: View next topic |
| Author |
Message |
hwchen
n00b
Joined: 22 Aug 2003
Posts: 10
Location: Taiwan
|
 Posted: Tue Mar 02, 2004 4:58 am Post subject: SSH bug (or not?) solved " host key verification failed |
 |
|
Deat All:
These days i have installed gentoo for several machines. I always have a problem that user accounts can not ssh outside but root can. The reason is that the priority of /dev/tty is not correct. I have chmod 666 to it. And the question solve. This has once been a bug post on OpenSSH mail-list. The version with the bug is openssh 3.4. I wonder the bug is still exist in openssh 3.7.1 & 3.8. I do not know is this still a bug for other or it was just my method making the system.
ps: I do not know how to report a bug, would someone like do me a favor to report this question?
Sincerly Hwung-Wen Chen |
|
| Back to top |
|
 |
kashani
Advocate
Joined: 02 Sep 2002
Posts: 2032
Location: San Francisco
|
| Posted: Tue Mar 02, 2004 5:29 am Post subject: |
|
|
Are these recent installs? Openssh 3.4 is pretty old, I think around June 2002. I'd guess there is a problem with the way you're installing it or that fact that the packages are so old.
kashani
_________________
Will personally fix your server in exchange for motorcycle related shop tools in good shape. |
|
| Back to top |
|
|
mphilips
n00b
Joined: 09 Sep 2003
Posts: 49
|
| Posted: Thu Jun 17, 2004 3:08 pm Post subject: Host key verification failed. |
|
|
I had the same problem:
For any regular user:
| Code: | user@host1 $ ssh host2
Host key verification failed. |
Fixed by:
Brand new 2004.1 install with udev and openssh-3.8_p1.
Is the chmod 666 /dev/tty solution a workaround or the 'right answer'? Either way, what needs to be fixed, the openssh ebuild? Or is this an upstream openssh bug? |
|
| Back to top |
|
|
sirprize
n00b
Joined: 23 Mar 2004
Posts: 15
Location: Ulm, Germany
|
| Posted: Wed Jun 23, 2004 8:03 pm Post subject: |
|
|
I had the same problem and used the same fix, but I'd also like to know where the problem came from.
I installed that gentoo copy via a stage1 installation on an Athlon XP.
I basically did nothing important besides scripts/bootstrap.sh and emerge system. |
|
| Back to top |
|
|
Da_Big_G
n00b
Joined: 18 Oct 2003
Posts: 10
|
| Posted: Sun Jun 27, 2004 6:53 pm Post subject: |
|
|
THANK YOU!
I upgraded from a 2.4.x kernel with devfs to 2.6.7 with udev and suddenly couldn't ssh out to another box unless I was root.
This was solved with your 'chmod 666 /dev/tty' fix.
I just did the upgrade on a second box and had the same problem with the same fix, so I believe the problem is in udev.
The problem manifested itself as a "Host key verification failed" message from ssh. |
|
| Back to top |
|
|
gnuageux
Veteran
Joined: 17 Apr 2004
Posts: 1201
|
| Posted: Wed Jun 30, 2004 2:27 pm Post subject: |
|
|
BTW editing .ssh/known_hosts will resolve this. You just remove the host key for said ip, then the next time you ssh to it it will accept it. This is not a bug. The admin of the remote server regenerated thier host key Id imagine.
_________________
The realOTW: http://forums.realotw.org/index.php
Registered Linux user#364538 |
|
| Back to top |
|
|
gnuageux
Veteran
Joined: 17 Apr 2004
Posts: 1201
|
|
| Back to top |
|
|
Da_Big_G
n00b
Joined: 18 Oct 2003
Posts: 10
|
| Posted: Mon Jul 05, 2004 6:42 pm Post subject: |
|
|
| gnuageux wrote: | | BTW editing .ssh/known_hosts will resolve this. You just remove the host key for said ip, then the next time you ssh to it it will accept it. This is not a bug. The admin of the remote server regenerated thier host key Id imagine. |
That only helps if it's rejecting the host key for a valid reason.
The problem with udev is completely unrelated to the host key verification - it just fails at that point. You have to make sure the perms on your /dev/tty are correct.
BTW: I rebooted a few days ago and found that the permissions on /dev/tty are not sticky - that is, they revert to the default values causing the problem again. I just reapplied the fix, but it would be nice to know how to permanently change the permissions under udev. |
|
| Back to top |
|
|
dmmgentoo
n00b
Joined: 16 Jun 2002
Posts: 38
|
| Posted: Sat Jul 10, 2004 3:15 pm Post subject: |
|
|
| Da_Big_G wrote: | | gnuageux wrote: | | BTW editing .ssh/known_hosts will resolve this. You just remove the host key for said ip, then the next time you ssh to it it will accept it. This is not a bug. The admin of the remote server regenerated thier host key Id imagine. |
That only helps if it's rejecting the host key for a valid reason.
The problem with udev is completely unrelated to the host key verification - it just fails at that point. You have to make sure the perms on your /dev/tty are correct.
BTW: I rebooted a few days ago and found that the permissions on /dev/tty are not sticky - that is, they revert to the default values causing the problem again. I just reapplied the fix, but it would be nice to know how to permanently change the permissions under udev. |
I had a similar problem with xterm, as xterm refused to start with the default perms on /dev/tty. You could try changing the perms in /etc/udev/permissions.d/50-udev.permissions. |
|
| Back to top |
|
|
firephoto
Veteran
Joined: 29 Oct 2003
Posts: 1612
Location: +48° 5' 23.40", -119° 48' 30.00"
|
| Posted: Sat Jul 10, 2004 4:09 pm Post subject: |
|
|
The latest versions of udev will fix this ssh problem so maybe you don't have the latest udev? udev-030 is the latest greatest but I believe 027 had the fix.
https://bugs.gentoo.org/show_bug.cgi?id=53292
That's the bug about this. |
|
| Back to top |
|
|
|
Networking & Security
