ssh error on user accounts [workaround found]

[flickerfly]

I deleted ~/.ssh, but am still getting the following error.

[ariejan]

ssh as root is bad. Add a normal user account, and just ssh to the box. I don't know, but I've never in my life used ask-pass.

[flickerfly]

I've never used askpass either and never ssh from root, except that I was troubleshooting here. It is unrealistic to switch users each time I want to ssh to another box. That changes permissions of the user and thereby means I have to re-chmod all my files what I want to send over the connection with scp which is a large part of what I do with ssh.

I need to know what the problem is. I've got work arounds.
_________________
An Evil Genious' Guide to Sheeple and How To Avoid Becoming One | 0x4C9EF4A

[Jaxom]

I would try adding a new user to the box and trying to ssh with the new account. That will aleast narrow it down a little. It's possible it's something in your specific user account.

I'm not the best diagnostician though, just thought I'd offer a suggestion as to where I would look first
_________________
Undisputed Heavyweight Champion. If it's undisputed, WHAT'S ALL THE FIGHTING ABOUT?!?! -- George Carlin

[flickerfly]

I broke down and created another account. This one has the same problem. It's a fresh account. Never been used. I'm left thinking it is a problem for all regular users. I also unmerge'd and re-merge'd openssh and that had no affect on the issue. (yes I ran etc-update also)
_________________
An Evil Genious' Guide to Sheeple and How To Avoid Becoming One | 0x4C9EF4A

[UberLord]

ask-pass afaik is a virtual program for an X based password entry for ssh
If you're seeing this then you aren't doing anything ssh from a console.

Try emerging gtk2-ssh-askpass

[flickerfly]

I emerged x11-ask-pass which is equivalent and it made no change in the issue. I've also created the file and chmod'd it 777. This resulted in the error “Host key verification failed.”
_________________
An Evil Genious' Guide to Sheeple and How To Avoid Becoming One | 0x4C9EF4A

[UberLord]

You need to log out before and login before trying it as it sets an environment variable

[flickerfly]

*bang* You've figured out a work around for me that I'm glad to have.

I'd rather do without this ugly GUI stuff though. I'm quite comfortable with the CLI. Any idea on how to take care of that?
_________________
An Evil Genious' Guide to Sheeple and How To Avoid Becoming One | 0x4C9EF4A

[merkaba]

has anyone found a *fix* for this?
i've got a similar problem sometime after moving to kernel 2.6 and udev.
root has no problem using ssh and regular terminal windows work fine.
as a regular user ssh -vvv hostname.com ends with:

[merkaba]

found the problem.
this fixed it:

[flickerfly]

[MKhaos7]

I was having the same problem here. But jsut the

[flickerfly]

Well, no doubt 666 is less secure simply because it's opening up the world, in addition to owner and group to read and write permissions on something (doesn't matter much what it is). Theoretically you could do 060 as long as everyone that needed console access was in the group (or was root). In practice leaving off the owner could be a bit of a risk, but I would think if it is set to owner of root it would be no big deal. All that to say, if you can get away with 660 than I would just in case. If your owner is set to root the owner settings are somewhat inconsequential, as far as I can tell.
_________________
An Evil Genious' Guide to Sheeple and How To Avoid Becoming One | 0x4C9EF4A

[g3n]

gtk2-ssh-askpass doesnt create /usr/lib/misc/ssh-askpass
and kdevelop needs it. I had to install x11-ssh-askpass instead
_________________
--[G]--

[karnesky]

[Chaos]

well everyone seems to have moved on from this one, but I am on another computer and don't like the emerge x11-ssh-askpass fix, so here's the fix if anyone wants it:

for whatever reason openssh can't access /dev/tty anymore so I found the best fix to be

[justanothergentoofanatic]

Won't that allow any user to display anything on any other user's console?

-Mike

[Loial]

I'm rather hesitant to change the permissions on /dev/tty
it now says
crw-rw---- 1 root tty 5, 0 Jan 23 18:02 /dev/tty
and i'm not in the tty group
changing permissions or group shouldn't be needed to just use ssh, right?!
btw, I can ssh fine to a machine that grants me acces because my public key is in it's authorized_keys2 file, but when it is not, I get the error about ssh_askpass

[nilbus]

This soved my problem with the Host Key Verification Failed error:

[nadir-san]

[cazort]

I recently had this problem arise after updating a variety of packages on my system. This thread seems to have been long since dead, but oddly, everything applied here, but with some twists--I was able to get it working by "chmod 666 /dev/tty". However, it didn't work to add my user to the tty group.

I agree this is not a great security thing. It doesn't matter on THIS machine because it's a desktop, but as a matter of principle...I want to know how to do this the "right" way.

Also, this begs the question, WHY THE HECK DID IT BREAK IN THE FIRST PLACE?

I don't do anything radically weird to this system I'm working on...something as fundamental as ssh SHOULD NOT BREAK, under any circumstances. While experienced users like us seemed to figure this out pretty easily...I wouldn't exactly say this would have been a piece of cake for a newbie. Is there any way we could look into this to figure out the actual cause--did some package update change the permissions? Was it a new version of ssh that was the problem? I dunno...something seems worthy of reporting something (not sure what) to bugs.gentoo.org. Just not sure exactly what to say...obviously we were able to "fix" it. But the point is, it should not have broken.
_________________
Alex Zorach | Teacology | RateTea | Why This Way

[m4chine]