ssh behavior changes after upgrade to 4.1-portable
Dan Mahoney, System Admin
danm at prime.gushi.org
Tue Aug 30 19:43:40 GMT 2005
Hey all, I just upgraded to the latest 4.1-portable openssh, and now
when trying to log into my system I get the following:
danm at box:/etc/ssh$ ssh danm at prime.gushi.org
WARNING: DSA key found for host prime.gushi.org
in /home/danm/.ssh/known_hosts:1
DSA key fingerprint d9:07:d0:eb:89:3d:04:73:33:e8:05:1c:6d:06:af:6b.
The authenticity of host 'prime.gushi.org (65.125.228.130)' can't be
established
but keys of different type are already known for this host.
RSA key fingerprint is ed:53:bd:52:65:9d:9d:9f:e8:bf:71:2a:82:03:1b:38.
Are you sure you want to continue connecting (yes/no)?
I have *always* had DSA *and* RSA keys available. Does the upgrade
cause the server to offer the keys in a different order of some sort?
According to a post on googlegroups (search for ssh patchset), this is
because the SSH built into the OS prefers DSA to RSA, but openSSH prefers
RSA to DSA
Why neither the builtin nor openssh-portable has this as a config file
variable is beyond me -- nor why the security/openssh-portable doesn't
make the same patch.
Is there any way I can force the thing to go back to its old behavior?
-Dan Mahoney
--
"You're a nomad billygoat!"
-Juston, July 18th, 2002
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144 AIM: LarpGM
Site: http://www.gushi.org
---------------------------
More information about the freebsd-questions
mailing list