ssh from new FC6 system times out to one destination
Jim van Wel
jim at coolzero.info
Thu Mar 15 13:46:06 UTC 2007
Hey there,
When you look at your id_rsa files, does it looks like it's starting with
this:
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
many code
-----END RSA PRIVATE KEY-----
and id_rsa.pub:
ssh-rsa MANY CODE
me at localhost.localdomain
?
Normally when I generate via ssh-keygen I do this:
ssh-keygen -t rsa -b 2048
So you now for sure you are using RSA instead of DSA.
Also knowing you use rsa instead of rsa1 for example.
Greetings,
Jim.
> On Thu, Mar 15, 2007 at 02:03:45PM +0100, Jim van Wel wrote:
>> > On Thu, Mar 15, 2007 at 11:42:44AM +0000, Eur Ing Chris Green wrote:
>> >> On Thu, Mar 15, 2007 at 12:35:52PM +0100, Jim van Wel wrote:
>> >> > Hi there,
>> >> >
>> >> > > debug3: Not a RSA1 key file /home/chris/.ssh/id_rsa.
>> >> > > debug2: key_type_from_name: unknown key type '-----BEGIN'
>> >> >
>> >> > Your rsa_key is not alright? Are you working with SSH keys?
>> >> >
>> >> I was wondering what that was about too. The odd thing is that it
>> >> appears to work, if I remove my /home/chris/.ssh/id_rsa file (well,
>> >> rename it) then when I use ssh the remote hosts ask for my password.
>> >>
>> >> Maybe I'll try regenerating all my keys, those ones are quite old.
>> >>
>> > It makes no difference, I still get all that stuff (in debug) about
>> > "Not a RSA1 key file /home/chris/.ssh/id_rsa", all my ssh logins do
>> > the same but they all work OK except one.
>> >
>> Can you post your sshd_config here? Maybe some strange line somewhere.
>> How
>> did you generated the keys? Looks like the SSH-RSA is not working right.
>> It needs to parse your public key, and it is not doing this at this
>> moment.
>>
> I generated my keys by saying "ssh_keygen" and accepted the default
> file name.
>
> It's an absolutely default ssh_config as far as I can see:-
>
> # $OpenBSD: ssh_config,v 1.21 2005/12/06 22:38:27 reyk Exp $
>
> # This is the ssh client system-wide configuration file. See
> # ssh_config(5) for more information. This file provides defaults for
> # users, and the values can be changed in per-user configuration files
> # or on the command line.
>
> # Configuration data is parsed as follows:
> # 1. command line options
> # 2. user-specific file
> # 3. system-wide file
> # Any configuration value is only changed the first time it is set.
> # Thus, host-specific definitions should be at the beginning of the
> # configuration file, and defaults at the end.
>
> # Site-wide defaults for some commonly used options. For a comprehensive
> # list of available options, their meanings and defaults, please see the
> # ssh_config(5) man page.
>
> # Host *
> # ForwardAgent no
> # ForwardX11 no
> # RhostsRSAAuthentication no
> # RSAAuthentication yes
> # PasswordAuthentication yes
> # HostbasedAuthentication no
> # BatchMode no
> # CheckHostIP yes
> # AddressFamily any
> # ConnectTimeout 0
> # StrictHostKeyChecking ask
> # IdentityFile ~/.ssh/identity
> # IdentityFile ~/.ssh/id_rsa
> # IdentityFile ~/.ssh/id_dsa
> # Port 22
> # Protocol 2,1
> # Cipher 3des
> # Ciphers
> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes>
> # EscapeChar ~
> # Tunnel no
> # TunnelDevice any:any
> # PermitLocalCommand no
> Host *
> GSSAPIAuthentication yes
> # If this option is set to yes then remote X11 clients will have full
> access
> # to the original X11 display. As virtually no X11 client supports the
> untrusted
> # mode correctly we set this to yes.
> ForwardX11Trusted yes
> # Send locale-related environment variables
> SendEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY
> LC_MESS>
> SendEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
> SendEnv LC_IDENTIFICATION LC_ALL
>
> --
> Chris Green
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list