Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SSH won't accept key

Status
Not open for further replies.
TSch

TSch

Technical User
Jul 12, 2001
557
DE
Good morning folks,

on sunday we had to restore one of our machines using an mksysb from 6th May.

Since then there have been no changes to the machine's ssh installation.

But after the restore we were unable to Login to the machine using ssh (Lucky for us the telnet is still open on that machine ...). I checked the authorized_keys file and everything's fine. It is same key as before we performed the restore.

Generally ssh is working. The subsystem is running an we can ssh from that machine to another machine ...

Any ideas ?

Regards
Thomas
 
Sort by date Sort by votes
That's exactly what happened to me! when i restored from a mksysb i got the following message when i tried to ssh

Code: 
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
69:2d:1c:73:08:52:2f:d8:05:ca:7e:b7:42:f0:0c:39.
Please contact your system administrator.
Add correct host key in /.ssh/known_hosts2 to get rid of this message.
Offending key in /etc/ssh/ssh_known_hosts2:8
RSA host key for s1empac has changed and you have requested strict checking.

I think the machine id has changed! so i had to go to the machine it self and do the ssh to the other machine and now it is working!

I just need to get rid of this message by updating the know_hosts2 in the etc!

Regards,
Khalid
 
Upvote 0 Downvote
I'll have a look into this.

Thanks a lot !
 
Upvote 0 Downvote
Thomas,

Just to update you with the solution to the warning i got above, i just had to restore /etc/ssh directory from a previous mksysb backup on that machine and then i had to stopsrc -s sshd and startsrc -s sshd and now every thing is back to normal!

I thought of sharing it with you and I hope this helps you as well.

Regards,
Khalid
 
Upvote 0 Downvote
I would recommend to re-generate host keys to have uniq on each none-cluster system (in cluster I keep the same)
 
Upvote 0 Downvote
Hi Khalid,

everything's fine now.

Thanks a lot for the help !

Regards
Thomas
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Michael1457
  • Locked
  • Question
AIX firewall accept established connection
Replies
3
Views
324
w5000
w5000
TSch
  • Locked
  • Question
Execute ssh command on VIO Server
Replies
1
Views
331
w5000
w5000
NoLogic001
  • Locked
  • Question
Ssh-keygen (Saving the key failed:)
Replies
3
Views
205
iggsterman
iggsterman
Guy987
  • Locked
  • Question
Smartcard authentication to SSH
Replies
0
Views
81
Guy987
Guy987
Germo
  • Locked
  • Question
Quick SSh Question
Replies
3
Views
84
VineetSingla
VineetSingla

Part and Inventory Search

Sponsor

Back
Top