The problem magically fixed itself, but the key was not being accepted. I don't know where or how long keys might be, the only places I know where they're stored is in ~./ssh and /etc/ssh/
On Thu, Oct 3, 2013 at 11:11 AM, Csaba Toth <[email protected]> wrote: > Maybe that's not the only place for storing known hosts keys. Is there any > place in /etc/ or something? > > What's the actual error message? > > > On Thu, Oct 3, 2013 at 7:52 AM, Chris McQuistion > <[email protected]>wrote: > >> Yeah, we deleted the old keys out of the /root/.ssh/known_hosts file on >> the client side. Did that several times, actually. >> >> >> On Thu, Oct 3, 2013 at 9:20 AM, Csaba Toth <[email protected]>wrote: >> >>> The SSH keys on the _client_ side got deleted properly? >>> You know when you first connect to a host you accept it's public key, >>> and it is stored on client side. This is to avoid such fraud that someone >>> swaps out a machine with another one. The two machines won't have the same >>> keypair. I have a feeling that this prevention mechanism kicks in? >>> What's the exact error message? >>> >>> Csaba >>> >>> >>> On Wed, Oct 2, 2013 at 11:15 PM, Tilghman Lesher >>> <[email protected]>wrote: >>> >>>> I would suggest adding "-vvv" to your ssh command. The debugging >>>> information will generally show you where the error lies. If that >>>> doesn't get it, you can also change the LogLevel in >>>> /etc/ssh/sshd_config from INFO (default) to DEBUG, restart sshd, and >>>> look at your system logs. >>>> >>>> On Wed, Oct 2, 2013 at 5:05 PM, Curt Lundgren <[email protected]> >>>> wrote: >>>> > I regenerated the server SSH keys, which are separate from the root >>>> user SSH >>>> > keys: >>>> > >>>> > ssh_host_dsa_key >>>> > ssh_host_key >>>> > ssh_host_rsa_key >>>> > >>>> > >>>> > >>>> > On Wed, Oct 2, 2013 at 5:02 PM, Chris McQuistion < >>>> [email protected]> >>>> > wrote: >>>> >> >>>> >> Curt, did you run "ssh-keygen -t rsa" to generate the RSA key on >>>> this new >>>> >> server? Did you include a passphrase when it ran? >>>> >> >>>> >> >>>> >> On Wed, Oct 2, 2013 at 4:48 PM, Curt Lundgren <[email protected]> >>>> wrote: >>>> >>> >>>> >>> Thanks, Dave. I can reboot one of the clients in the morning, >>>> perhaps >>>> >>> that will clear up the issue. >>>> >>> >>>> >>> Curt >>>> >>> >>>> >>> >>>> >>> On Wed, Oct 2, 2013 at 4:45 PM, Dave Manginelli >>>> >>> <[email protected]> wrote: >>>> >>>> >>>> >>>> I'm at a client's site so I can't test this or be more specific >>>> but this >>>> >>>> sounds to me like the host key of the "old" machine is cached in >>>> the client >>>> >>>> and it does not match the host key of the machine now residing at >>>> that IP. >>>> >>>> You can test this by using the HostKeyAlias parameter when you >>>> connect from >>>> >>>> the client and setting it to any arbitrary name NOT in actual use >>>> on your >>>> >>>> network. It should ask you if you accept the new host key and >>>> then connect >>>> >>>> automatically after that as long as the same HostKeyAlias is >>>> supplied. You >>>> >>>> can fix it by clearing the key for that IP address on the client >>>> but I don't >>>> >>>> remember where it's located and am not able to pursue it right now. >>>> >>>> >>>> >>>> Maybe this will point you in the right direction... >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> On Wed, Oct 2, 2013 at 4:22 PM, Curt Lundgren <[email protected]> >>>> >>>> wrote: >>>> >>>>> >>>> >>>>> I've just built a couple of CentOS 6.4 machines, and need to use a >>>> >>>>> no-password RSA key login to root. No flames please about >>>> logging in as >>>> >>>>> root. >>>> >>>>> >>>> >>>>> Had it working on both machines, but when I changed the "main" IP >>>> >>>>> address so the new machine could take over for an ailing one, the >>>> login >>>> >>>>> capability was lost. I can do a password login, but not with the >>>> RSA key. >>>> >>>>> >>>> >>>>> Thought it might be the server SSH keys, as though they're >>>> somehow tied >>>> >>>>> to IP addresses, so I regenerated them. No joy. I've tried >>>> logging in from >>>> >>>>> a couple of different boxes (Linux and Mac), still no joy. >>>> >>>>> >>>> >>>>> The other server got built, got its "main" IP address changed, >>>> and is >>>> >>>>> working just fine. I did a diff between sshd_config on both >>>> machines; the >>>> >>>>> files are identical. >>>> >>>>> >>>> >>>>> I'm scratching my head and it's starting to hurt. Any ideas? (I >>>> know, >>>> >>>>> stop scratching.) >>>> >>>>> >>>> >>>>> Curt >>>> >>>>> >>>> >>>>> -- >>>> >>>>> -- >>>> >>>>> You received this message because you are subscribed to the Google >>>> >>>>> Groups "NLUG" group. >>>> >>>>> To post to this group, send email to [email protected] >>>> >>>>> To unsubscribe from this group, send email to >>>> >>>>> [email protected] >>>> >>>>> For more options, visit this group at >>>> >>>>> http://groups.google.com/group/nlug-talk?hl=en >>>> >>>>> >>>> >>>>> --- >>>> >>>>> You received this message because you are subscribed to the Google >>>> >>>>> Groups "NLUG" group. >>>> >>>>> To unsubscribe from this group and stop receiving emails from it, >>>> send >>>> >>>>> an email to [email protected]. >>>> >>>>> For more options, visit https://groups.google.com/groups/opt_out. >>>> >>>> >>>> >>>> >>>> >>>> -- >>>> >>>> -- >>>> >>>> You received this message because you are subscribed to the Google >>>> >>>> Groups "NLUG" group. >>>> >>>> To post to this group, send email to [email protected] >>>> >>>> To unsubscribe from this group, send email to >>>> >>>> [email protected] >>>> >>>> For more options, visit this group at >>>> >>>> http://groups.google.com/group/nlug-talk?hl=en >>>> >>>> >>>> >>>> --- >>>> >>>> You received this message because you are subscribed to the Google >>>> >>>> Groups "NLUG" group. >>>> >>>> To unsubscribe from this group and stop receiving emails from it, >>>> send >>>> >>>> an email to [email protected]. >>>> >>>> For more options, visit https://groups.google.com/groups/opt_out. >>>> >>> >>>> >>> >>>> >>> -- >>>> >>> -- >>>> >>> You received this message because you are subscribed to the Google >>>> Groups >>>> >>> "NLUG" group. >>>> >>> To post to this group, send email to [email protected] >>>> >>> To unsubscribe from this group, send email to >>>> >>> [email protected] >>>> >>> For more options, visit this group at >>>> >>> http://groups.google.com/group/nlug-talk?hl=en >>>> >>> >>>> >>> --- >>>> >>> You received this message because you are subscribed to the Google >>>> Groups >>>> >>> "NLUG" group. >>>> >>> To unsubscribe from this group and stop receiving emails from it, >>>> send an >>>> >>> email to [email protected]. >>>> >>> For more options, visit https://groups.google.com/groups/opt_out. >>>> >> >>>> >> >>>> >> -- >>>> >> -- >>>> >> You received this message because you are subscribed to the Google >>>> Groups >>>> >> "NLUG" group. >>>> >> To post to this group, send email to [email protected] >>>> >> To unsubscribe from this group, send email to >>>> >> [email protected] >>>> >> For more options, visit this group at >>>> >> http://groups.google.com/group/nlug-talk?hl=en >>>> >> >>>> >> --- >>>> >> You received this message because you are subscribed to the Google >>>> Groups >>>> >> "NLUG" group. >>>> >> To unsubscribe from this group and stop receiving emails from it, >>>> send an >>>> >> email to [email protected]. >>>> >> For more options, visit https://groups.google.com/groups/opt_out. >>>> > >>>> > >>>> > -- >>>> > -- >>>> > You received this message because you are subscribed to the Google >>>> Groups >>>> > "NLUG" group. >>>> > To post to this group, send email to [email protected] >>>> > To unsubscribe from this group, send email to >>>> > [email protected] >>>> > For more options, visit this group at >>>> > http://groups.google.com/group/nlug-talk?hl=en >>>> > >>>> > --- >>>> > You received this message because you are subscribed to the Google >>>> Groups >>>> > "NLUG" group. >>>> > To unsubscribe from this group and stop receiving emails from it, >>>> send an >>>> > email to [email protected]. >>>> > For more options, visit https://groups.google.com/groups/opt_out. >>>> >>>> -- >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "NLUG" group. >>>> To post to this group, send email to [email protected] >>>> To unsubscribe from this group, send email to >>>> [email protected] >>>> For more options, visit this group at >>>> http://groups.google.com/group/nlug-talk?hl=en >>>> >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "NLUG" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> For more options, visit https://groups.google.com/groups/opt_out. >>>> >>> >>> -- >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To post to this group, send email to [email protected] >>> To unsubscribe from this group, send email to >>> [email protected] >>> For more options, visit this group at >>> http://groups.google.com/group/nlug-talk?hl=en >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "NLUG" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> For more options, visit https://groups.google.com/groups/opt_out. >>> >> >> -- >> -- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To post to this group, send email to [email protected] >> To unsubscribe from this group, send email to >> [email protected] >> For more options, visit this group at >> http://groups.google.com/group/nlug-talk?hl=en >> >> --- >> You received this message because you are subscribed to the Google Groups >> "NLUG" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/groups/opt_out. >> > > -- > -- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nlug-talk?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "NLUG" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/groups/opt_out. > -- -- You received this message because you are subscribed to the Google Groups "NLUG" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en --- You received this message because you are subscribed to the Google Groups "NLUG" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
