[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Форвард 22 порта и "Host key verification failed"

Oleg Frolkov -> debian-russian@lists.debian.org  @ Fri, 25 Jul 2008 23:38:35 +0400:

 OF> $ ssh -vvv user@1.2.3.4
 OF> OpenSSH_3.6.1p2, SSH protocols 1.5/2.0, OpenSSL 0x0090701f
 OF> debug1: Reading configuration data /etc/ssh/ssh_config
 OF> debug1: Applying options for *
 OF> debug1: Rhosts Authentication disabled, originating port will not be trusted.
 OF> debug2: ssh_connect: needpriv 0
 OF> debug1: Connecting to 1.2.3.4 [1.2.3.4] port 22.
 OF> debug1: Connection established.
 OF> debug1: identity file /home/sysop/.ssh/identity type -1
 OF> debug1: identity file /home/sysop/.ssh/id_rsa type -1
 OF> debug1: identity file /home/sysop/.ssh/id_dsa type -1
 OF> debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3p2
 OF> Debian-9etch2
 OF> debug1: match: OpenSSH_4.3p2 Debian-9etch2 pat OpenSSH*
 OF> debug1: Enabling compatibility mode for protocol 2.0
 OF> debug1: Local version string SSH-2.0-OpenSSH_3.6.1p2
 OF> debug1: SSH2_MSG_KEXINIT sent
 OF> debug1: SSH2_MSG_KEXINIT received
 OF> debug2: kex_parse_kexinit:
 OF> diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1
 OF> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
 OF> debug2: kex_parse_kexinit:
 OF> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
 OF> debug2: kex_parse_kexinit:
 OF> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se
 OF> debug2: kex_parse_kexinit:
 OF> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
 OF> debug2: kex_parse_kexinit:
 OF> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
 OF> debug2: kex_parse_kexinit: none,zlib
 OF> debug2: kex_parse_kexinit: none,zlib
 OF> debug2: kex_parse_kexinit:
 OF> debug2: kex_parse_kexinit:
 OF> debug2: kex_parse_kexinit: first_kex_follows 0
 OF> debug2: kex_parse_kexinit: reserved 0
 OF> debug2: kex_parse_kexinit:
 OF> diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
 OF> debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
 OF> debug2: kex_parse_kexinit:
 OF> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
 OF> debug2: kex_parse_kexinit:
 OF> aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour128,arcfour256,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@lysator.liu.se,aes128-ctr,aes192-ctr,aes256-ctr
 OF> debug2: kex_parse_kexinit:
 OF> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
 OF> debug2: kex_parse_kexinit:
 OF> hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
 OF> debug2: kex_parse_kexinit: none,zlib@openssh.com
 OF> debug2: kex_parse_kexinit: none,zlib@openssh.com
 OF> debug2: kex_parse_kexinit:
 OF> debug2: kex_parse_kexinit:
 OF> debug2: kex_parse_kexinit: first_kex_follows 0
 OF> debug2: kex_parse_kexinit: reserved 0
 OF> debug2: mac_init: found hmac-md5
 OF> debug1: kex: server->client aes128-cbc hmac-md5 none
 OF> debug2: mac_init: found hmac-md5
 OF> debug1: kex: client->server aes128-cbc hmac-md5 none
 OF> debug1: SSH2_MSG_KEX_DH_GEX_REQUEST sent
 OF> debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
 OF> debug2: dh_gen_key: priv key bits set: 123/256
 OF> debug2: bits set: 1057/2048
 OF> debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
 OF> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
 OF> debug3: check_host_in_hostfile: filename /home/sysop/.ssh/known_hosts
 OF> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
 OF> debug3: check_host_in_hostfile: filename /home/sysop/.ssh/known_hosts
 OF> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
 OF> debug2: no key of type 0 for host 1.2.3.4
 OF> debug3: check_host_in_hostfile: filename /home/sysop/.ssh/known_hosts2
 OF> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
 OF> debug3: check_host_in_hostfile: filename /home/sysop/.ssh/known_hosts
 OF> debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
 OF> debug2: no key of type 2 for host 1.2.3.4
 OF> Host key verification failed.
 OF> debug1: Calling cleanup 0x8062d60(0x0)


 OF> Но все равно это для меня не прояснило ситуацию :( ssh не нашел локально ключа
 OF> и не делает попыток его получить с той стороны.

Ну, он его уже получил, иначе что бы он искал в known_hosts?

А от рута, говоришь, работает?  А на разницу посмотреть?
И потом эта...  man ssh_config на предмет StrictHostKeyChecking?

-- 
Artem Chuprina
RFC2822: <ran{}ran.pp.ru> Jabber: ran@jabber.ran.pp.ru

Балансу вежливости и самоуважения надо учиться у англичан. Они ко всем
обращаются на "вы", но "Я" пишут с большой буквы
	(c) Yuri Nesterenko
Reply to: