Host key verification failed.
930 views
Skip to first unread message
gituser
May 8, 2012, 12:14:24 AM5/8/12
to Repo and Gerrit Discussion
SSH keys are steup on the website and on my machine correctly. I am on
unix. I get a host key verification error.
I check the id_rsa.pub file in .ssh and added that as the sitekey to
the website hosted on localhost and the github website. Any ideas on
why i am getting this message?
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
02:ea:81:74:8d:94:15:68:9f:6b:a0:62:52:5c:59:1c.
Please contact your system administrator.
Add correct host key in /mit/prashanw/.ssh/known_hosts to get rid of
this message.
Offending RSA key in /mit/prashanw/.ssh/known_hosts:1
remove with: ssh-keygen -f "/mit/prashanw/.ssh/known_hosts" -R
[localhost]:29418
RSA host key for [localhost]:29418 has changed and you have requested
strict checking.
Host key verification failed.
prashanw@w20-575-57:~/Desktop/gerrit$
unix. I get a host key verification error.
I check the id_rsa.pub file in .ssh and added that as the sitekey to
the website hosted on localhost and the github website. Any ideas on
why i am getting this message?
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle
attack)!
It is also possible that a host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
02:ea:81:74:8d:94:15:68:9f:6b:a0:62:52:5c:59:1c.
Please contact your system administrator.
Add correct host key in /mit/prashanw/.ssh/known_hosts to get rid of
this message.
Offending RSA key in /mit/prashanw/.ssh/known_hosts:1
remove with: ssh-keygen -f "/mit/prashanw/.ssh/known_hosts" -R
[localhost]:29418
RSA host key for [localhost]:29418 has changed and you have requested
strict checking.
Host key verification failed.
prashanw@w20-575-57:~/Desktop/gerrit$
gituser
May 8, 2012, 12:23:04 AM5/8/12
to Repo and Gerrit Discussion
Ok I managed to fix it by using the suggestion in the warning message.
But I get the following error ...why is the permission denied?
ssh prashanw@localhost -p 29418The authenticity of host '[localhost]:
29418 ([127.0.0.1]:29418)' can't be established.
RSA key fingerprint is 02:ea:81:74:8d:94:15:68:9f:6b:a0:62:52:5c:
59:1c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:29418' (RSA) to the list of
known hosts.
Permission denied (publickey).
But I get the following error ...why is the permission denied?
ssh prashanw@localhost -p 29418The authenticity of host '[localhost]:
29418 ([127.0.0.1]:29418)' can't be established.
RSA key fingerprint is 02:ea:81:74:8d:94:15:68:9f:6b:a0:62:52:5c:
59:1c.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[localhost]:29418' (RSA) to the list of
known hosts.
Permission denied (publickey).
gituser
May 8, 2012, 12:34:11 AM5/8/12
to Repo and Gerrit Discussion
So now the problem is when i run
ssh prashanw@localhost -p 29418
I get a
Permission denied (publickey).
Thanks for the help so far!
ssh prashanw@localhost -p 29418
I get a
Permission denied (publickey).
Thanks for the help so far!
Message has been deleted
Prashan Wanigasekara
May 8, 2012, 12:51:24 AM5/8/12
to Repo and Gerrit Discussion
ohh thanx for pointing out the mistake....i wasnt using prashanw as
the username!...thanx a lot for the help
On 5/8/12, gituser <pra...@gmail.com> wrote:
> Thanks for all the help! ..the log info is
>
> prashanw@w20-575-57:~/Desktop/gerrit$ ssh -vv -p 29418
> prashanw@localhost
> OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to localhost [127.0.0.1] port 29418.
> debug1: Connection established.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug2: key_type_from_name: unknown key type '-----END'
> debug1: identity file /mit/prashanw/.ssh/id_rsa type 1
> debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
> debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
> debug1: identity file /mit/prashanw/.ssh/id_rsa-cert type -1
> debug1: identity file /mit/prashanw/.ssh/id_dsa type -1
> debug1: identity file /mit/prashanw/.ssh/id_dsa-cert type -1
> debug1: identity file /mit/prashanw/.ssh/id_ecdsa type -1
> debug1: identity file /mit/prashanw/.ssh/id_ecdsa-cert type -1
> debug1: Remote protocol version 2.0, remote software version
> GerritCodeReview_2.2.2 (SSHD-CORE-0.5.1-R1095809)
> debug1: no match: GerritCodeReview_2.2.2 (SSHD-CORE-0.5.1-R1095809)
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
> debug2: fd 4 setting O_NONBLOCK
> debug1: Unspecified GSS failure. Minor code may provide more
> information
> Server host/loca...@ATHENA.MIT.EDU not found in Kerberos database
>
> debug1: Unspecified GSS failure. Minor code may provide more
> information
> Server host/loca...@ATHENA.MIT.EDU not found in Kerberos database
>
> debug1: Unspecified GSS failure. Minor code may provide more
> information
>
>
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-
> sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-
> group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
> sha1
> debug2: kex_parse_kexinit: ssh-rsa-...@openssh.com,ssh-rsa-cert-
> v...@openssh.com,ssh-rsa,ecdsa-sha2-nis...@openssh.com,ecdsa-
> sha2-nistp3...@openssh.com,ecdsa-sha2-nistp521-cert-
> v...@openssh.com,ssh-dss-...@openssh.com,ssh-dss-cert-
> v...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-
> nistp521,ssh-dss
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-
> ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-
> ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
> debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa
> debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,aes192-
> cbc,aes256-cbc
> debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,aes192-
> cbc,aes256-cbc
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-md5-96,hmac-sha1-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-md5-96,hmac-sha1-96
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_setup: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_setup: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug2: dh_gen_key: priv key bits set: 117/256
> debug2: bits set: 527/1024
> debug1: sending SSH2_MSG_KEXDH_INIT
> debug1: expecting SSH2_MSG_KEXDH_REPLY
> debug1: Server host key: RSA 02:ea:81:74:8d:94:15:68:9f:6b:a0:62:52:5c:
> 59:1c
> debug1: Host '[localhost]:29418' is known and matches the RSA host
> key.
> debug1: Found key in /mit/prashanw/.ssh/known_hosts:1
> debug2: bits set: 512/1024
> debug1: ssh_rsa_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /mit/prashanw/.ssh/id_rsa (0x7f482ac1d120)
> debug2: key: /mit/prashanw/.ssh/id_dsa ((nil))
> debug2: key: /mit/prashanw/.ssh/id_ecdsa ((nil))
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering RSA public key: /mit/prashanw/.ssh/id_rsa
> debug2: we sent a publickey packet, wait for reply
> debug1: Authentications that can continue: publickey
> debug1: Trying private key: /mit/prashanw/.ssh/id_dsa
> debug1: Trying private key: /mit/prashanw/.ssh/id_ecdsa
> debug2: we did not send a packet, disable method
> debug1: No more authentication methods to try.
> Permission denied (publickey).
> prashanw@w20-575-57:~/Desktop/gerrit$
> --
> To unsubscribe, email repo-discuss...@googlegroups.com
> More info at http://groups.google.com/group/repo-discuss?hl=en
>
the username!...thanx a lot for the help
On 5/8/12, gituser <pra...@gmail.com> wrote:
> Thanks for all the help! ..the log info is
>
> prashanw@w20-575-57:~/Desktop/gerrit$ ssh -vv -p 29418
> prashanw@localhost
> OpenSSH_5.8p1 Debian-1ubuntu3, OpenSSL 0.9.8o 01 Jun 2010
> debug1: Reading configuration data /etc/ssh/ssh_config
> debug1: Applying options for *
> debug2: ssh_connect: needpriv 0
> debug1: Connecting to localhost [127.0.0.1] port 29418.
> debug1: Connection established.
> debug2: key_type_from_name: unknown key type '-----BEGIN'
> debug2: key_type_from_name: unknown key type '-----END'
> debug1: identity file /mit/prashanw/.ssh/id_rsa type 1
> debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048
> debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048
> debug1: identity file /mit/prashanw/.ssh/id_rsa-cert type -1
> debug1: identity file /mit/prashanw/.ssh/id_dsa type -1
> debug1: identity file /mit/prashanw/.ssh/id_dsa-cert type -1
> debug1: identity file /mit/prashanw/.ssh/id_ecdsa type -1
> debug1: identity file /mit/prashanw/.ssh/id_ecdsa-cert type -1
> debug1: Remote protocol version 2.0, remote software version
> GerritCodeReview_2.2.2 (SSHD-CORE-0.5.1-R1095809)
> debug1: no match: GerritCodeReview_2.2.2 (SSHD-CORE-0.5.1-R1095809)
> debug1: Enabling compatibility mode for protocol 2.0
> debug1: Local version string SSH-2.0-OpenSSH_5.8p1 Debian-1ubuntu3
> debug2: fd 4 setting O_NONBLOCK
> debug1: Unspecified GSS failure. Minor code may provide more
> information
> Server host/loca...@ATHENA.MIT.EDU not found in Kerberos database
>
> debug1: Unspecified GSS failure. Minor code may provide more
> information
> Server host/loca...@ATHENA.MIT.EDU not found in Kerberos database
>
> debug1: Unspecified GSS failure. Minor code may provide more
> information
>
>
> debug1: SSH2_MSG_KEXINIT sent
> debug1: SSH2_MSG_KEXINIT received
> debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-
> sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-
> group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-
> sha1
> debug2: kex_parse_kexinit: ssh-rsa-...@openssh.com,ssh-rsa-cert-
> v...@openssh.com,ssh-rsa,ecdsa-sha2-nis...@openssh.com,ecdsa-
> sha2-nistp3...@openssh.com,ecdsa-sha2-nistp521-cert-
> v...@openssh.com,ssh-dss-...@openssh.com,ssh-dss-cert-
> v...@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-
> nistp521,ssh-dss
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
> debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-
> ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-
> cbc,aes192-cbc,aes256-cbc,arcfour,rijnda...@lysator.liu.se
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-
> ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,uma...@openssh.com,hmac-
> ripemd160,hmac-ri...@openssh.com,hmac-sha1-96,hmac-md5-96
> debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
> debug2: kex_parse_kexinit: none,zl...@openssh.com,zlib
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: kex_parse_kexinit: diffie-hellman-group1-sha1
> debug2: kex_parse_kexinit: ssh-rsa
> debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,aes192-
> cbc,aes256-cbc
> debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,aes192-
> cbc,aes256-cbc
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-md5-96,hmac-sha1-96
> debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-md5-96,hmac-sha1-96
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit: none
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit:
> debug2: kex_parse_kexinit: first_kex_follows 0
> debug2: kex_parse_kexinit: reserved 0
> debug2: mac_setup: found hmac-md5
> debug1: kex: server->client aes128-cbc hmac-md5 none
> debug2: mac_setup: found hmac-md5
> debug1: kex: client->server aes128-cbc hmac-md5 none
> debug2: dh_gen_key: priv key bits set: 117/256
> debug2: bits set: 527/1024
> debug1: sending SSH2_MSG_KEXDH_INIT
> debug1: expecting SSH2_MSG_KEXDH_REPLY
> debug1: Server host key: RSA 02:ea:81:74:8d:94:15:68:9f:6b:a0:62:52:5c:
> 59:1c
> debug1: Host '[localhost]:29418' is known and matches the RSA host
> key.
> debug1: Found key in /mit/prashanw/.ssh/known_hosts:1
> debug2: bits set: 512/1024
> debug1: ssh_rsa_verify: signature correct
> debug2: kex_derive_keys
> debug2: set_newkeys: mode 1
> debug1: SSH2_MSG_NEWKEYS sent
> debug1: expecting SSH2_MSG_NEWKEYS
> debug2: set_newkeys: mode 0
> debug1: SSH2_MSG_NEWKEYS received
> debug1: Roaming not allowed by server
> debug1: SSH2_MSG_SERVICE_REQUEST sent
> debug2: service_accept: ssh-userauth
> debug1: SSH2_MSG_SERVICE_ACCEPT received
> debug2: key: /mit/prashanw/.ssh/id_rsa (0x7f482ac1d120)
> debug2: key: /mit/prashanw/.ssh/id_dsa ((nil))
> debug2: key: /mit/prashanw/.ssh/id_ecdsa ((nil))
> debug1: Authentications that can continue: publickey
> debug1: Next authentication method: publickey
> debug1: Offering RSA public key: /mit/prashanw/.ssh/id_rsa
> debug2: we sent a publickey packet, wait for reply
> debug1: Authentications that can continue: publickey
> debug1: Trying private key: /mit/prashanw/.ssh/id_dsa
> debug1: Trying private key: /mit/prashanw/.ssh/id_ecdsa
> debug2: we did not send a packet, disable method
> debug1: No more authentication methods to try.
> Permission denied (publickey).
> prashanw@w20-575-57:~/Desktop/gerrit$
> To unsubscribe, email repo-discuss...@googlegroups.com
> More info at http://groups.google.com/group/repo-discuss?hl=en
>
Reply all
Reply to author
Forward
0 new messages