2

When I try to do connect to the ILO 4 of a DL380 I get the following error:

 ssh -vvv ilo@me2_ilo

OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008

debug1: Reading configuration data /etc/ssh/ssh_config

debug1: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to me2_ilo [xx.xxx.xxx.xxx] port 22.
debug1: Connection established.
debug1: identity file /home/mmx/.ssh/id_rsa type -1
debug3: Not a RSA1 key file /home/mmx/.ssh/id_dsa.
debug2: key_type_from_name: unknown key type '-----BEGIN'
debug3: key_read: missing keytype
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug3: key_read: missing whitespace
debug2: key_type_from_name: unknown key type '-----END'
debug3: key_read: missing keytype
debug1: identity file /home/mmx/.ssh/id_dsa type 2
debug1: loaded 2 keys
debug1: Remote protocol version 2.0, remote software version RomSShell_4.62
debug1: no match: RomSShell_4.62
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.3
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-dss
debug2: kex_parse_kexinit: aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
debug2: kex_parse_kexinit: aes256-cbc,aes192-cbc,aes128-cbc,3des-cbc
debug2: kex_parse_kexinit: hmac-sha1
debug2: kex_parse_kexinit: hmac-sha1
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit: none
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_init: found hmac-sha1
debug1: kex: server->client aes128-cbc hmac-sha1 none
debug2: mac_init: found hmac-sha1
debug1: kex: client->server aes128-cbc hmac-sha1 none
debug2: dh_gen_key: priv key bits set: 153/320
debug2: bits set: 1063/2048
debug1: sending SSH2_MSG_KEXDH_INIT
debug1: expecting SSH2_MSG_KEXDH_REPLY
debug3: check_host_in_hostfile: filename /home/mmx/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug3: check_host_in_hostfile: filename /home/mmx/.ssh/known_hosts
debug3: check_host_in_hostfile: match line 7
debug3: check_host_in_hostfile: filename /home/mmx/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 0 for host me2_ilo
debug3: check_host_in_hostfile: filename /home/mmx/.ssh/known_hosts2
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts2
debug3: check_host_in_hostfile: filename /home/mmx/.ssh/known_hosts
debug3: check_host_in_hostfile: filename /etc/ssh/ssh_known_hosts
debug2: no key of type 1 for host me2_ilo
The authenticity of host 'me2_ilo (xx.xxx.xxx.xxx)' can't be established.
DSA key fingerprint is xx:xx:xx:xx:xx:xx:xx:ff:xx:xx:xx:xx:xx:xx:xx:xx.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'me2_ilo' (DSA) to the list of known hosts.
debug2: bits set: 1021/2048
debug1: ssh_dss_verify: signature incorrect
key_verify failed for server_host_key

The permission of the .ssh directory and authorized_keys is correct. The same thing happens when I use the IP address.

I try this on the other machine and its working fine, only on this one I have problems.

The firmware of the ILO is 1.10.( like the others)

Any idea what is wrong?

thanks

ewwhite
  • 197,159
  • 92
  • 443
  • 809
user221642
  • 21
  • 2
  • FWIW, this is not an issue with your authorized key, but your client is complaining about the server key instead - `key_verify failed for server_host_key`. – Felix Frank May 28 '14 at 10:06
  • I am guessing the public key and the private key on the server do not correspond. Maybe an attempt at generating a new key only replaced one of the two files. Now how to login and fix the problem is a bit of a tricky question if ssh is the preferred way to do it. Try `-o HostKeyAlgorithms=ssh-rsa`. – kasperd May 28 '14 at 10:32
  • @kasperd it's an ILO. The OP can log on via http sand correct the key if needed. – ewwhite May 28 '14 at 11:46
  • When I use an Internet explorer I can log on to the ILO – Bigben59 May 29 '14 at 17:45

0 Answers0