In case any of you ever get the "Host key verification failed" error message when you try to ssh to any server including localhost. Thanks kaisen.
Symptoms:
Unable to ssh to any server including localhost when using a non-root account.
Consistently getting the "Host key verification failed" error message even when
~/known_hosts is already empty or doesn't exist
~/known_hosts never gets updated with new host keys
Reason:
Device pointed to by /dev/tty is not of 666 permission.
Resolution:
chmod 666 /dev/tty
Example:
Failed ssh attempts to localhost and other servers:
root@myserver:/etc/ssh>su - account1
myserver% ssh devusr@localhost
Host key verification failed.
myserver% ssh devusr@myserver
Host key verification failed.
root@myserver:/etc/ssh>su - myname
-bash-3.00$ ssh -x myname@myserver
Host key verification failed.
-bash-3.00$ ssh -x myname@myserver
Host key verification failed.
The culprit:
root@myserver:/etc/ssh>ls -l /dev/tty
lrwxrwxrwx 1 root other 26 Sep 11 2006 /dev/tty -> ../devices/pseudo/sy@0:tty
root@myserver:/etc/ssh>ls -l /devices/pseudo/sy@0:tty
crw--w---- 1 root tty 22, 0 Dec 15 20:20 /devices/pseudo/sy@0:tty
chmod 666 /dev/tty:
root@myserver:/etc/ssh>chmod 666 /devices/pseudo/sy@0:tty
root@myserver:/etc/ssh>ls -l /devices/pseudo/sy@0:tty
crw-rw-rw- 1 root tty 22, 0 Dec 15 20:20 /devices/pseudo/sy@0:tty
root@myserver:/etc/ssh>su - account2
-bash-3.00$ ls -l /devices/pseudo/sy@0:tty
crw-rw-rw- 1 root tty 22, 0 Dec 15 20:20 /devices/pseudo/sy@0:tty
ssh should now works and you are able to add new host keys to ~/known_hosts:
-bash-3.00$ ssh -x myname@myserver
The authenticity of host 'myserver (10.100.10.100)' can't be established.
RSA key fingerprint is 43:27:c1:aa:b9:c9:f1:21:33:11:aa:dd:ee:ff:10:9f.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'myserver,10.100.10.100' (RSA) to the list of known hosts.
Password:
Last login: Mon Dec 15 19:20:41 2008 from myserver2
Sun Microsystems Inc. SunOS 5.9 Generic May 2002
$ Connection to myserver closed.
-bash-3.00$ logout
Sunday, September 20, 2009
Getting "Host key verification failed" error message when you try to ssh to any server including localhost
Labels:
SolarisAdmin
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment