On Mon, 18 Feb 2002, Randy Arabie wrote:

> On Mon, 18 Feb 2002, dan radom wrote:
> 
> I'm no ssh expert, and I'm sure I'll be corrected if I'm wrong...
> but here is my shot at this:
> 
> > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> > debug1: Host 'pluto' is known and matches the RSA host key.
> > debug1: Found key in /home/graffix/.ssh/known_hosts:7
> > debug1: bits set: 1620/3191
> 
> That [above] says your sshd has a record of a connection from 'pluto'; there is 
> an older public key from pluto in /home/graffix/.ssh/known_hosts
> 
> > ssh_rsa_verify: RSA_verify failed: error:04077068:rsa routines:RSA_verify:bad signature
> > debug1: ssh_rsa_verify: signature incorrect
> > key_verify failed for server_host_key
> 
> However, for whatever reason, the authentication didn't work.  The 'signature' 
> passed during handshake didn't "unlock" the public key?
> 
> Perhaps 'pluto' is using a new set of keys now.  If you 'trust' pluto, 
> you could just delete the record in known_hosts.  When you reconnect 
> the client will tell you that 'pluto' is unknown, do you want to trust pluto.

I should add, that if there is _ANY_ chance that you are not talking to 
'pluto' in that handshake, then don't delete the record in known_hosts.
You could be the victim of a "man in the middle" attack.

-- 
Cheers!

Randy

================================================================
Randy Arabie
GnuPG Key Info -- 

 Fingerprint: 7E25 DFA2 EF72 9551 9C6C  8AA6 6E8C A0F5 7E33 D981
 Key ID: 7C603AEF
 http://www.arabie.org/keys/rrarabie.gnupg
================================================================