[CLUE-Tech] ssh trouble

Dave Hagerty dave at surfingpenguin.com
Sat Nov 8 17:55:21 MST 2003 

Try checking permissions on ~/.ssh and the files within that directory. 
Try them at 400 or 600 as a test.


On Sat, 2003-11-08 at 11:22, Jason S. Friedman wrote:
> SSH has been working between my two boxes with the various users I have set up on them.
> 
> Now, the root user on box 1 cannot ssh to box 2 as any user.  In other words, as root:
> 
> ssh root at box2
> fails
> ssh plainuser at box2
> fails
> 
> Whereas, as plainuser on box 1:
> ssh root at box2
> succeeds
> ssh plainuser at box2
> succeeds
> 
> And, any user on box 2, including root, can ssh to box 1 successfully.
> 
> Here's my output:
> 
> root at abigail ~ $ ssh -v charles.powerpull.net
> OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090602f
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug1: Rhosts Authentication disabled, originating port will not be trusted.
> debug1: ssh_connect: needpriv 0
> debug1: Connecting to charles.powerpull.net [192.168.0.150] port 22.
> debug1: Connection established.
> debug1: identity file /root/.ssh/identity type -1
> debug1: identity file /root/.ssh/id_rsa type -1
> debug1: identity file /root/.ssh/id_dsa type -1
> debug1: Remote protocol version 2.0, remote software version OpenSSH_3.4p1
> debug1: match: OpenSSH_3.4p1 pat OpenSSH*
> Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_3.4p1
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
> debug1: dh_gen_key: priv key bits set: 127/256
> debug1: bits set: 1584/3191
> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> Host key verification failed.
> debug1: Calling cleanup 0x80675a0(0x0)
> _______________________________________________
> CLUE-Tech mailing list
> Post messages to: CLUE-Tech at clue.denver.co.us
> Unsubscribe or manage your options: http://clue.denver.co.us/mailman/listinfo/clue-tech
-- 
____________________________________________
Dave Hagerty
... and they that weave networks, shall be confounded.
Isaiah 19:9 (KJV)

"On the side of the software box, in the 'System Requirements' section,
it
said 'Requires Windows 98 or better'. So I installed Linux."

"There is no limit to the good you can do if you don't care who gets the
credit." - George C. Marshall

More information about the clue-tech mailing list