Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

sshd -> correct key but not from a permitted host problem
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
hanj
Veteran
Veteran


Joined: 19 Aug 2003
Posts: 1500
PostPosted: Tue Aug 31, 2010 2:23 pm    Post subject: sshd -> correct key but not from a permitted host problem Reply with quote
I'm starting to see this on several boxes. I run offsite backups using dirvish, and I connect via SSH to these boxes. Now in my logs I'm starting to see something like this:

Code:
sshd[4724]: Authentication tried for xxxx with correct key but not from a permitted host (host=xxxx, ip=xxx.xxx.xxx.xxx).


I tried adding the hostname to the key, but the message continues:
Code:
from="hostname,xxx.xxx.xxx.xxx"


I'm running the following openssh on all boxes:
Code:
net-misc/openssh-5.5_p1-r2  USE="pam tcpd -X -X509 -hpn -kerberos -ldap -libedit (-selinux) -skey -static"


Any ideas?
Thanks!
hanji
_________________
Server Admin Blog - Uno-Code.com
Back to top
View user's profile Send private message
bjlockie
Veteran
Veteran


Joined: 18 Oct 2002
Posts: 1186
Location: Canada
PostPosted: Thu Sep 02, 2010 4:13 am    Post subject: Re: sshd -> correct key but not from a permitted host pro Reply with quote
hanj wrote:
I'm starting to see this on several boxes. I run offsite backups using dirvish, and I connect via SSH to these boxes. Now in my logs I'm starting to see something like this:

Code:
sshd[4724]: Authentication tried for xxxx with correct key but not from a permitted host (host=xxxx, ip=xxx.xxx.xxx.xxx).


I tried adding the hostname to the key, but the message continues:
Code:
from="hostname,xxx.xxx.xxx.xxx"


I'm running the following openssh on all boxes:
Code:
net-misc/openssh-5.5_p1-r2  USE="pam tcpd -X -X509 -hpn -kerberos -ldap -libedit (-selinux) -skey -static"


Any ideas?
Thanks!
hanji


Regenerate a key and put the pub on the remote box.
_________________
AMD FX6100 CPU, 16 GiB RAM, OCZ Vertex 3 SSD
ASRock 970 Extreme3 motherboard with S/PDIF audio
Galaxy-NVidia GeForce 8800GT video card, Cyber Power CP550HG USB UPS
Back to top
View user's profile Send private message
cwr
Veteran
Veteran


Joined: 17 Dec 2005
Posts: 1969
PostPosted: Thu Sep 02, 2010 7:28 am    Post subject: Reply with quote
Well, you could start by checking the known_hosts file, but it would be
nice to know why the setup has suddenly changed.

Will
Back to top
View user's profile Send private message
cach0rr0
Bodhisattva
Bodhisattva


Joined: 13 Nov 2008
Posts: 4123
Location: Houston, Republic of Texas
PostPosted: Thu Sep 02, 2010 8:33 am    Post subject: Reply with quote
you using /etc/hosts.allow and/or /etc/hosts.deny ?
_________________
Lost configuring your system?
dump lspci -n here | see Pappy's guide | Link Stash
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy