1 |
On 24 February 2011 13:17, dhk <dhkuhl@×××××××××.net> wrote: |
2 |
> On 02/23/2011 03:42 AM, Joost Roeleveld wrote: |
3 |
>> On Tuesday 22 February 2011 14:51:31 Mick wrote: |
4 |
>>> On 22 February 2011 14:19, <dhkuhl@×××××××××.net> wrote: |
5 |
>>>> ----- Original Message ----- |
6 |
>>>> From: Mick |
7 |
>>>> |
8 |
>>>>> There was a change in the default ssh encryption algorithm. You may |
9 |
>>>>> want to check if that is causing the problem. |
10 |
>>>> |
11 |
>>>> How would I do that? |
12 |
>>> |
13 |
>>> By examining your config files? Previously your keys would be in |
14 |
>>> ~/.ssh/id_dsa[rsa].pub, but now with ECDSA being the default they |
15 |
>>> would be in ~/.ssh/id_ecdsa.pub |
16 |
>>> |
17 |
>>> I recall something being mentioned in the elog asking to regenerate |
18 |
>>> the key-pair. |
19 |
>>> |
20 |
>>> HTH. |
21 |
>> |
22 |
>> If this is the case, you could try speciying your key on the command-line |
23 |
>> using the "-i" flag: |
24 |
>> |
25 |
>> # ssh -i .ssh/id_dsa.pub <host....> |
26 |
>> |
27 |
>> Replace the file with the one on your machine. |
28 |
>> |
29 |
>> HTH, |
30 |
>> |
31 |
>> Joost |
32 |
>> |
33 |
>> |
34 |
> |
35 |
> I still haven't gotten this to work. Am I the only one using this? The |
36 |
> "ssh -i .ssh/id_dsa.pub host" didn't work. I get a message "Read from |
37 |
> socket failed: Connection reset by peer" with or without the -i option. |
38 |
> |
39 |
> When I re-emerged openssh the following output is displayed. |
40 |
> |
41 |
> # emerge openssh |
42 |
> Calculating dependencies... done! |
43 |
>>>> Verifying ebuild manifests |
44 |
>>>> Emerging (1 of 1) net-misc/openssh-5.8_p1-r1 |
45 |
>>>> Installing (1 of 1) net-misc/openssh-5.8_p1-r1 |
46 |
>>>> Jobs: 1 of 1 complete Load avg: 2.80, |
47 |
> 1.95, 1.43 |
48 |
> |
49 |
> * Messages for package net-misc/openssh-5.8_p1-r1: |
50 |
> |
51 |
> * Starting with openssh-5.8p1, the server will default to a newer key |
52 |
> * algorithm (ECDSA). You are encouraged to manually update your stored |
53 |
> * keys list as servers update theirs. See ssh-keyscan(1) for more info. |
54 |
> * Remember to merge your config files in /etc/ssh/ and then |
55 |
> * reload sshd: '/etc/init.d/sshd reload'. |
56 |
> * Please be aware users need a valid shell in /etc/passwd |
57 |
> * in order to be allowed to login. |
58 |
>>>> Auto-cleaning packages... |
59 |
> |
60 |
>>>> No outdated packages were found on your system. |
61 |
> |
62 |
> * GNU info directory index is up-to-date. |
63 |
> |
64 |
> The ssh-keyscan man page hasn't helped. |
65 |
> |
66 |
> As of now I can only log in from older systems. |
67 |
|
68 |
This would imply that your older (rsa/dsa) server keys still work. |
69 |
|
70 |
What have you changed on your Gentoo client? |
71 |
|
72 |
Have you tried using ssh user@host to login with? |
73 |
-- |
74 |
Regards, |
75 |
Mick |