[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Ssh keys problem



Anne Wilson wrote:
On Tuesday 21 March 2006 10:25, Andy Green wrote:
Anne Wilson wrote:
Warning - the authenticity of host 'borg (127.0.0.1)'... can't be
established RSA key fingerprint is ......
Are you sure you want to continue?

Permanently added 'borg' (RSA) to the list of known hosts.


It's perfectly possible that, when I made a boo-boo on transfering some
files from my home directory a couple of days ago, I could have
overwritten something. In fact, I think that's the most likely reason. Question is, though, how do I go about troubleshooting this? Should I
delete the .ssh directory on the remote box so that I have to start
afresh there?
Put simply, borg was not in your clientside ~/.ssh/known_hosts.  When
you said yes, it was added.  There's nothing to troubleshoot about that,
from now on ssh connects to borg will be checked against the signature
stored now in your known_hosts, silently unless borg's signature changes
(because it is another machine trying to fake you out, or because you
reinstalled the OS on borg, etc).

It's strange, though, as I had used it before.

Did you not mention some things got nuked? If you nuked ~/.ssh/known_hosts this is what you could expect.

When you run ssh-agent, it prints out some shell commands to set
environment vars.  You need to make sure that the environment you run
ssh from has those vars in it, otherwise ssh cannot communicate with
ssh-agent.

I'm not sure I understand, Andy. Putting your comments together with my experience of gpg, are you saying that ssh-agent isn't running? If so, I

No.

presume that I need to add it to startup scripts.

No need to be in the dark, find out if it is running, with

ps -Af | grep ssh-agent

What I was telling you is that is does not matter is ssh-agent is running or not, if the shell you run ssh from does not have the environment vars spat out by ssh-agent in it, then ssh will not be able to communicate with ssh-agent. One of the magic vars spat out by ssh-agent is a randomly-chosen socketname that ssh-agent is listening on

$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-uQXjj14171/agent.14171; export SSH_AUTH_SOCK;
SSH_AGENT_PID=14172; export SSH_AGENT_PID;
echo Agent pid 14172;

Notice these are just printed by ssh-agent. You should start ssh-agent like this

eval `ssh-agent`

to get the magic environment vars into the current shell. Apparently you can stick that in

/etc/X11/xinit/Xclients

and infect the shell used to start your desktop manager with the magic vars so all of X (ie, Konsole windows, xterms, etc) can inherit them automatically.

-Andy

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]