From mboxrd@z Thu Jan 1 00:00:00 1970
MIME-Version: 1.0
References:
In-Reply-To:
From: Alexander Kapshuk
Date: Wed, 14 Nov 2018 21:11:10 +0200
Message-ID:
To: Fans of the OS Plan 9 from Bell Labs <9fans@9fans.net>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Subject: Re: [9fans] Ssh configuration from within drawterm
Topicbox-Message-UUID: ef68e2ce-ead9-11e9-9d60-3106f5b1d025

On Tue, Nov 13, 2018 at 1:20 AM hiro <23hiro@gmail.com> wrote:
>
> did you try with proto=rsa instead of proto=pass ?!
> you don't need both rsa and dsa. why not use just rsa?
>

Thanks for your prompt response.

I got rid of the dsa key in my factotum.
Here's my current rsa key record in factotum:

cpu% grep ssh /mnt/factotum/ctl
key proto=rsa service=ssh role=client role=sign comment=sasha@plan9.domain size=1024 ek=23 n=F69A9E3314E579E9C6A18D9804029849B5CF441E41E2D1CC3A41EE39D296C692B39291128CA86DD714BE78BDDBFC54766D34712A77E04EFC7869055217E2DCC3684E0612AB7E9EA350778BBEA87348BB43A8BDC37A86B0433EBB8ADDC0EB5A314DC35AE10721C9E33BB760ED7DAB70C8D65801EAE7DC7021222E42976C133E47 !dk? !p? !q? !kp? !kq? !c2?
key proto=pass service=ssh server=pc-sasha user=sasha !password?

Ssh debugging output:

cpu% ssh -d pc-sasha
/386/bin/ssh2: mounting /srv/netssh on /net
/386/bin/ssh2: can't open /srv/netssh: '/srv/netssh' file does not exist
/386/bin/ssh2: mounting /srv/ssh on /net
/386/bin/ssh2: can't open /srv/ssh: '/srv/ssh' file does not exist
/386/bin/ssh2: mounting /srv/ssh.sasha on /net
/386/bin/ssh2: dial conn /net/ssh!pc-sasha!22: connect handshake failed

Here are the contents of my /net/ssh:

cpu% ls -l /net/ssh
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/0
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/1
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:48 /net/ssh/2
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:48 /net/ssh/3
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:55 /net/ssh/4
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:57 /net/ssh/5
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:58 /net/ssh/6
d-r-xr-xr-x M 90 sasha sasha 0 Nov 14 20:58 /net/ssh/7
--rw-rw-rw- M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/clone
--rw-rw-rw- M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/ctl
--rw------- M 90 sasha sasha 0 Nov 14 20:47 /net/ssh/keys

The Keys and Management section of SSH(4) refers to various keys required for the operation of ssh.

(1). The first key needed is the host key for server operation. In the case of the keys being stored in factotum(4), these keys will be the first ones listed with proto=rsa and proto=dss.

That's what I already have in my factotum shown above.

(2). The next set of keys are the public host keys used by clients to verify the identities of servers. As with the original Plan 9 SSH implementation, there is a system-wide list of these in /sys/lib/ssh/keyring and each user may have a list in $home/lib/keyring. If a public key for a remote server is listed and matches the one offered by the server, the connection proceeds.
If a public key for a remote server is listed but does not match the one offered by the server, or if no public key is listed for a remote server, ssh (see ssh2(1)) presents the key to the user and asks whether to reject the key, accept the key only for that session, or accept the key permanently. The last option causes the key to be written to the user's keyring. In the case of a mismatching key, the accept option can either be to add to or replace the old key.

I have neither of the keyring files, nor do I get prompted to accept any keys.

What am I missing?

Thanks.
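
The host-key rule quoted from SSH(4) in item (2) above, modelled as an added example; it is not part of the original message and is not Plan 9 code. The `server key` line format, the sample keys and every function name are assumptions made for illustration.

```python
from enum import Enum

class Verdict(Enum):
    PROCEED = "proceed"            # a listed key matches the offered key
    PROMPT_UNKNOWN = "unknown"     # no key is listed for this server
    PROMPT_MISMATCH = "mismatch"   # a key is listed but differs

def parse_keyring(text):
    """Parse constructed 'server key' lines into {server: set(keys)}."""
    ring = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blanks
        if not line:
            continue
        server, key = line.split(None, 1)
        ring.setdefault(server, set()).add(key.strip().upper())
    return ring

def check_host_key(server, offered, system_ring, user_ring):
    """Consult the system-wide and per-user lists; proceed only on a match."""
    listed = system_ring.get(server, set()) | user_ring.get(server, set())
    if offered.upper() in listed:
        return Verdict.PROCEED
    return Verdict.PROMPT_MISMATCH if listed else Verdict.PROMPT_UNKNOWN

def apply_choice(user_ring, server, offered, choice, replace=False):
    """choice is 'reject', 'session' or 'permanent'; returns True to connect.
    Only 'permanent' writes to the user's keyring. On a mismatch the caller
    decides whether the new key is added beside the old one or replaces it."""
    if choice == "reject":
        return False
    if choice == "permanent":
        if replace:
            user_ring[server] = {offered.upper()}
        else:
            user_ring.setdefault(server, set()).add(offered.upper())
    elif choice != "session":
        raise ValueError("unknown choice: " + choice)
    return True

# Constructed sample keyrings (hypothetical format and values).
SYSTEM = parse_keyring("fileserver AA11\n# site-wide list\n")
USER = parse_keyring("pc-sasha BB22\n")
```

Accepting for the session connects without changing the keyring, so the same mismatch prompt recurs on the next connection; only the permanent choice changes later verdicts.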