On Thu, May 17, 2012 at 04:26:38PM -0700, Jason Usher wrote: > > > --- On Thu, 5/17/12, Jason Hellenthal <jhellent...@dataix.net> wrote: > > > > That is not the standard "key mismatch" error that you > > assumed it was.? Look at it again - it is saying that > > we do have a key for this server of type DSA, but the client > > is receiving one of type RSA, etc. > > > > > > The keys are the same - they have not changed at all - > > they are just being presented to clients in the reverse > > order, which is confusing them and breaking automated, > > key-based login. > > > > > > I need to take current ssh server behavior (rsa, then > > dss) and change it back to the old order (dss, then rsa). > > > > Have you attempted to change that order via sshd_config and > > placing the > > DSA directive before the RSA one ? > > > sshd_config has no such config directive. ssh_config does, but that's for > clients, and I have no way to interact with the clients. > > It would indeed be very nice if this key order, which seems like a prime > candidate for configuration, was a configurable option in sshd_config, but it > is not. > > I am fairly certain that I need to hack up some source files, and I thought I > had it with myproposal.h (see link in OP) but there must be more, because > that small change does not fix things...
You don't have any of this in your config ? # HostKey for protocol version 1 #HostKey /usr/local/etc/ssh/ssh_host_key # HostKeys for protocol version 2 HostKey /usr/local/etc/ssh/ssh_host_rsa_key #HostKey /usr/local/etc/ssh/ssh_host_dsa_key #HostKey /usr/local/etc/ssh/ssh_host_ecdsa_key -- - (2^(N-1)) _______________________________________________ freebsd-hackers@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "freebsd-hackers-unsubscr...@freebsd.org"
