[X2Go-Dev] X2go Mac client and Red Hat 7 server

Mihai Moldovan ionic at ionic.de
Tue May 12 01:06:56 CEST 2015 

On 11.05.2015 11:41 PM, Real, Elizabeth (392K) wrote:
> Permissions seem ok:
> -rw-r-----.   1 root ssh_keys  227 Aug 21  2014 ssh_host_ecdsa_key
> -rw-r--r--.   1 root root      162 Aug 21  2014 ssh_host_ecdsa_key.pub
> -rw-r-----.   1 root ssh_keys 1.7K Aug 21  2014 ssh_host_rsa_key
> -rw-r--r--.   1 root root      382 Aug 21  2014 ssh_host_rsa_key.pub

Also looked like that on my RH 7 machine. It's weird that the private keys have
group-readable permissions, especially given that the sshd_config man page
states "Note that sshd(8) will refuse to use a file if it is
group/world-accessible."

It doesn't seem like sshd cares too much, though. It still loads up the private
key and seems to ignore the "faulty" permissions. I assume the daemon has been
patched by Red Hat to support this.


> THE RSA key error came up again:
> debug1: sshd version OpenSSH_6.4, OpenSSL 1.0.1e-fips 11 Feb 2013
> debug3: Incorrect RSA1 identifier
> debug1: read PEM private key done: type RSA
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/etc/ssh/ssh_host_rsa_key" as a RSA1 public key
> debug1: private host key: #0 type 1 RSA
> debug3: Incorrect RSA1 identifier
> debug1: read PEM private key done: type ECDSA
> debug3: Incorrect RSA1 identifier
> debug3: Could not load "/etc/ssh/ssh_host_ecdsa_key" as a RSA1 public key

I think we are all misinterpreting the error.
Naturally, /etc/ssh/ssh_host_rsa_key is NOT a public key, but a private key, so
the error message is accurate.

It loaded up the private key correctly:
> debug1: private host key: #0 type 1 RSA

FWIW, the same error message(s) show up on Ubuntu machines, so I guess that's
not the problem.


What is currently still missing (or have I just overlooked it?) is the sshd
output for a connection attempt via X2Go Client.

Can you please provide that?



Mihai

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 884 bytes
Desc: OpenPGP digital signature
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20150512/c2957cb6/attachment.pgp>

More information about the x2go-dev mailing list