[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[sshproxy-dev] Re: SSHproxy - 'Incompatible ssh peer' error
|
From: |
Kalina Detko |
|
Subject: |
[sshproxy-dev] Re: SSHproxy - 'Incompatible ssh peer' error |
|
Date: |
Mon, 25 Jul 2005 21:31:25 +0200 |
|
User-agent: |
Debian Thunderbird 1.0.2 (X11/20050602) |
David Guerizec wrote:
Le Dimanche 24 Juillet 2005 01:44, vous avez écrit :
Unfortunately, I'm getting a strange error and have no idea how to fix it.
I've added a new entry into 'site' table - with name = my computer's
hostname and ip_address = my computer's IP. Then, I've added my login
and password to my computer to the 'user' table (with appropriate site_id).
I run the server and then I try to run the client... and I get such error:
Incompatible ssh peer (no acceptable host key)
I could understand this problem if it was a remote host, but I'm trying
to ssh from my localhost to localhost. I've tried 'ssh my_hostname'
before, so the RSA key already exists - how could there be any mismatch?
Of course, connecting with a real, external server causes the same error.
Do you have any ideas, how to fix this?
I think yes.
First, note that RSA is not used by the proxy, and SSH protocol 2 must be
enabled on the remote host (Protocol 2 in /etc/ssh/sshd_config).
As remote host in this case is localhost, i've checked:
$ grep -i proto /etc/ssh/sshd_config | grep -v ^#
Protocol 2
Support for protocol 1 is not planned due to security risks, and support for
RSA is not yet planned, but could be in the future.
Then ensure you have created the configuration directory $HOME/.sshproxy and
created a DSA key pair with the following command:
$ ssh-keygen -t dsa -f $HOME/.sshproxy/id_dsa
I've had generated this key before, but to be sure, I've done it again.
Finally, you have to have the proxy host key in the $HOME/.ssh/known_hosts
file.
To do this, the simpler is to create a new entry in your /etc/hosts file:
(type this as root)
# echo '127.0.0.1 ssh-proxy' >> /etc/hosts
$ grep ssh-proxy /etc/hosts
127.0.0.1 ssh-proxy
then, as your user, type:
$ ssh -p 2242 ssh-proxy
Why port 2242? My sshd listens on 22.
if it asks if it can add the host key to your known_hosts file, type y, then
you can kill it by Control-C.
Done.
I have either 127.0.0.1, my non-loopback address, my hostname and
'localhost' in known_hosts file.
You should now be ready to retry the SSH client with the following command:
$ ./SSH -P address@hidden address@hidden
I've added also 'ssh-proxy' to 'sites' mysql table, and my login to
'user' table. Then:
$ ./SSH -P address@hidden address@hidden
Password:
Incompatible ssh peer (no acceptable host key)
Your example:
$ ./SSH -P address@hidden address@hidden
Password:
Traceback (most recent call last):
(...python traceback...)
AttributeError: SSHClient instance has no attribute 'hostkey'
Understandable - my hostname is not 'ssh-proxy'.
Another try:
$ ./SSH -P address@hidden address@hidden
Password:
Incompatible ssh peer (no acceptable host key)
Tell me if it still doesn't work.
For me - it looks like my computer doesn't like paramiko ;-)
Maybe I should ask on the paramiko mailing list?
I've found this exception in paramiko sources, but there is no more
explanation in the code - just that some key doesn't match other key.
Do you have any other ideas?
--
Kalina
----------------------------------------------------------------------
Najlepszy serwis MOTO w Polsce! >>> http://link.interia.pl/f18a8