On Mon, 18 Feb 2002, dan radom wrote:

I'm no ssh expert, and I'm sure I'll be corrected if I'm wrong...
but here is my shot at this:

> debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
> debug1: Host 'pluto' is known and matches the RSA host key.
> debug1: Found key in /home/graffix/.ssh/known_hosts:7
> debug1: bits set: 1620/3191

That [above] says your sshd has a record of a connection from 'pluto'; there is 
an older public key from pluto in /home/graffix/.ssh/known_hosts

> ssh_rsa_verify: RSA_verify failed: error:04077068:rsa routines:RSA_verify:bad signature
> debug1: ssh_rsa_verify: signature incorrect
> key_verify failed for server_host_key

However, for whatever reason, the authentication didn't work.  The 'signature' 
passed during handshake didn't "unlock" the public key?

Perhaps 'pluto' is using a new set of keys now.  If you 'trust' pluto, you could just delete the record in known_hosts.  When you reconnect the client will tell you that 'pluto' is unknown, do you want to trust pluto.

-- 
Cheers!

Randy

================================================================
Randy Arabie
GnuPG Key Info -- 

 Fingerprint: 7E25 DFA2 EF72 9551 9C6C  8AA6 6E8C A0F5 7E33 D981
 Key ID: 7C603AEF
 http://www.arabie.org/keys/rrarabie.gnupg
================================================================