On Wed, Mar 08, 2000 at 01:52:16AM -0900, Ethan Benson wrote: > On Tue, Mar 07, 2000 at 11:33:37PM -0500, Michael Stone wrote: > > What would that workaround be? I only see a workaround to change the > > displayed message. > > edit the known_hosts file and change the 1023 to a 1024. Have you actually tried that or are you making an assumption? > slogin foo Warning: Server lies about size of server host key: actual size is 1023 bits vs. announced 1024. Warning: This may be due to an old implementation of ssh. The authenticity of host 'foo' can't be established. Key fingerprint is 1023 4c:c4:66:39:45:9d:cf:46:8f:f5:f6:a4:9a:f7:3c:3c. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'foo' to the list of known hosts. > grep foo .ssh/known_hosts foo 1023 37 78321456835647684088724321179959228715816993570785314601414202492847540992266306829835465306036012774254351586206770010420279667163844563655688369666830343053722363384089114700887864796180881904349163951320845370426715835870640149054823688787050575345596761790673959467193178318418213079368149332485896407769 At this point we alread have a discrepency with the documentation. (What you said is actually not what the UPGRADING file says.) "OpenSSH will print warning messages when it encounters such keys. To rid yourself of these message, edit you known_hosts files and replace the incorrect key length (usually "1024") with the correct key length (usually "1023")." Hmm. Looks like openssh uses 1023 automatically. But maybe you're right and the documentation is wrong. I'll make some changes. > grep foo .ssh/known_hosts foo 1024 37 78321456835647684088724321179959228715816993570785314601414202492847540992266306829835465306036012774254351586206770010420279667163844563655688369666830343053722363384089114700887864796180881904349163951320845370426715835870640149054823688787050575345596761790673959467193178318418213079368149332485896407769 > slogin foo Warning: Server lies about size of server host key: actual size is 1023 bits vs. announced 1024. Warning: This may be due to an old implementation of ssh. Warning: /home/mstone/.ssh/known_hosts, line 7: keysize mismatch for host foo: actual 1023 vs. announced 1024. Warning: replace 1024 with 1023 in /home/mstone/.ssh/known_hosts, line 7. Nope, that wasn't it. Got any other helpful untested advice? -- Mike Stone
Attachment:
pgpHEn8USKnPU.pgp
Description: PGP signature