Hello,
I have installed openSSH 2.9p.1 on 5 IBM machines running AIX 4.2.x.
They all have the exact same ssh_known_hosts, .rhosts, sshd_config, and
ssh_config files one them (ftp transfer) and no .ssh/known_host file on
any of the machines. I am trying to ssh using RhostsRSAAuthentication
from machineA to the other 4 of them. Two of them work like they should,
but two are complaining and insist on password authentication. I am
using protocol 1 in this situation because of internal issues. Here is
the verbose output from the complaining machine (machines that are
complaining have the same output) [IP names and addresses have been
altered for protection]:
root@machineA/~<106# ssh -v machineC
OpenSSH_2.9p1, SSH protocols 1.5/2.0, OpenSSL 0x0090601f
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Seeded RNG with 34 bytes from programs
debug1: Seeded RNG with 3 bytes from system calls
debug1: Rhosts Authentication disabled, originating port will not be
trusted.
debug1: restore_uid
debug1: ssh_connect: getuid 0 geteuid 0 anon 1
debug1: Connecting to machineC [10.0.0.61] port 22.
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: temporarily_use_uid: 0/0 (e=0)
debug1: restore_uid
debug1: Connection established.
debug1: read PEM private key done: type DSA
debug1: read PEM private key done: type RSA
debug1: identity file //.ssh/identity type -1
debug1: identity file //.ssh/id_rsa type -1
debug1: identity file //.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version
OpenSSH_2.9p1
debug1: match: OpenSSH_2.9p1 pat ^OpenSSH
debug1: Local version string SSH-1.5-OpenSSH_2.9p1
debug1: Waiting for server public key.
debug1: Received server public key (768 bits) and host key (1024 bits).
debug1: Host 'machineC' is known and matches the RSA1 host key.
debug1: Found key in /etc/ssh/ssh_known_hosts:2
debug1: Encryption type: 3des
debug1: Sent encrypted session key.
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Trying rhosts or /etc/hosts.equiv with RSA host authentication.
debug1: Remote: Accepted by .rhosts.
debug1: Remote: Your host key cannot be verified: unknown or invalid
host key.
debug1: Server refused our rhosts authentication or host key.
debug1: Doing password authentication.
root@machineC's password:
Please note that the output for a properly connecting machine is
identical (including the Rhosts Authentication disabled line) but the
host key is verified and password authentication doesn't happen which is
what I want. Does anyone have any thoughts on the issue ?? Any tips ??
Anything I could check ?? Anyone run into this problem ?? Thanks.
cheers - Jason :)
