Timeline for Configuring ssh fingerprints on dns to replace known_hosts fails
Current License: CC BY-SA 3.0
19 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Feb 8, 2016 at 10:31 | answer | added | awolf | timeline score: 0 | |
| Feb 23, 2014 at 20:23 | answer | added | htoip | timeline score: 0 | |
| Jan 10, 2013 at 23:38 | vote | accept | Michael Yasumoto | ||
| Jan 5, 2013 at 11:56 | answer | added | Michael Yasumoto | timeline score: 6 | |
| Jan 3, 2013 at 1:47 | history | edited | Michael Yasumoto | CC BY-SA 3.0 | added 612 characters in body |
| Jan 2, 2013 at 17:23 | comment | added | Michael Yasumoto | No, the error is the exact same as when I connect by name. No matching host key fingerprint found in DNS. It sounds like you are confusing the problem. It is not an ssh DNS issue due to the "UseDNS yes" option. This is an SSHFP problem using "VerifyHostKeyDNS yes", so connecting by IP is probably not going to solve it. | |
| Jan 2, 2013 at 12:12 | comment | added | peterph | @peacekeeper so the error is something like The authenticity of host 'publicIP (publicIP)' can't be established. ? | |
| Jan 2, 2013 at 10:14 | comment | added | Michael Yasumoto | Same issue. Either SSHFP doesn't support sshing directly to an IP, or it does a reverse look up of the IP and gets the name which puts things right to where I started. The SSHFP doesn't match the key of the server I'm connecting to. | |
| Jan 2, 2013 at 9:07 | comment | added | peterph | Try connecting directly by IP address - to me it seems that ssh is confused by the DNS records not matching the hostname you are trying to reach. | |
| Jan 2, 2013 at 8:14 | comment | added | Michael Yasumoto | Gert, I responded in an update above because I couldn't fit the response into this comment box. | |
| Jan 2, 2013 at 8:13 | history | edited | Michael Yasumoto | CC BY-SA 3.0 | added 2065 characters in body |
| Jan 2, 2013 at 7:18 | comment | added | Gert van den Berg | It might be interesting to see from Wireshark / tcpdump what is being queried from the DNS server and what response is sent. Knowing the exact queries and responses should help finding the problem. | |
| Jan 2, 2013 at 4:24 | comment | added | Michael Yasumoto | Yes. Sorry, I should have mentioned that I tried all variations: ssh www; ssh www.test.us; ssh www.test.us.; All of them result in the same response. | |
| Jan 2, 2013 at 4:10 | history | edited | Michael Yasumoto | CC BY-SA 3.0 | added 4147 characters in body |
| Jan 2, 2013 at 4:02 | history | tweeted | twitter.com/#!/StackUnix/status/286321619230662656 | ||
| Jan 2, 2013 at 1:34 | comment | added | Ulrich Dangel | Did you try to connect to explicitly connect to www.test.us? | |
| Jan 2, 2013 at 0:49 | review | First posts | |||
| Jan 2, 2013 at 1:17 | |||||
| Jan 2, 2013 at 0:40 | history | edited | Michael Yasumoto | CC BY-SA 3.0 | added 228 characters in body |
| Jan 2, 2013 at 0:33 | history | asked | Michael Yasumoto | CC BY-SA 3.0 |