Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] Problems with OpenSSH after upgrading: private keys broken !
  • From: JW <jw@xxxxxxxxxxxxxxxxxx>
  • Date: Thu, 06 Dec 2001 12:44:23 -0600
  • Message-id: <5.1.0.14.0.20011206123316.020efe90@xxxxxxxxxxxxxxxxxxxxxxx>
At 06:11 PM 12/6/2001 +0000, you wrote:

>Hello,
>
>> Last night I installed the OpenSSH update from YOU, and this morning I found that all our public keys don't work anymore.
>> What's worse, generating new ones doesn't work either.
>
>I updated OpenSSH when the new version was made available on
>many boxes running 7.0 and 7.2 and I had the same problem.
>When you install the new version, a new config file is created as
>/etc/ssh/sshd_config.rpmnew. It seems this new config file has
>different options than the one provided with the older versions of
>OpenSSH I had. Copy the .rpmnew file in place of
>/etc/ssh/sshd_config and adjust it to your setup. It worked for me
>after that.
>

On one box I didn't have any .rpmnew files, which is odd.

On the other one I did install the .rpmnew files and that didn't help either.

I've even tried setting up new rsa and dsa keys between the two hosts have the hte now-updated sshd and it _still_ doens't work.

Am I doing it wrong? Here's what I do:

On the client side:
jw@suse3:~ > ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/jw/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/jw/.ssh/id_rsa.
Your public key has been saved in /home/jw/.ssh/id_rsa.pub.
The key fingerprint is:
bd:fb:df:4e:26:39:9b:3f:e7:68:47:b4:9b:f7:42:b6 jw@suse3
jw@suse3:~ > cat /home/jw/.ssh/id_rsa.pub

copy paste output of cat starting with "ssh-rsa" and ending with "jw@suse3" and paste it into the remote host ("sever") in ~/.ssh/authorized_keys.

Go back to client, type ssh <remote server, which in this case is "fluorite"> and I get asked for a password!:

jw@suse3:~ > ssh fluorite
jw@fluorite's password:

ssh jw@fluorite doesn't fix the prob either.

What am I doing wrong?





----------------------------------------------------
Jonathan Wilson
System Administrator

Cedar Creek Software http://www.cedarcreeksoftware.com
Central Texas IT http://www.centraltexasit.com


< Previous Next >
References