Devin Reade wrote: > --On Friday, May 08, 2015 09:58:32 AM -0400 "James B. Byrne" > <byrnejb@xxxxxxxxxxxxx> wrote: > >> While attempting to debug something else I ran across this: >> >> ssh -vvv somehost >> . . . >> debug1: Connection established. >> debug1: permanently_set_uid: 0/0 >> debug1: identity file /root/.ssh/identity type -1 >> debug1: identity file /root/.ssh/identity-cert type -1 >> debug3: Not a RSA1 key file /root/.ssh/id_rsa. >> debug2: key_type_from_name: unknown key type '-----BEGIN' >> debug3: key_read: missing keytype >> debug3: key_read: missing whitespace >> >> [snip] >> >> The password-less connections complete in any case but I am perplexed >> as to what is the problem with the root identity key that ssh is >> reporting. >> >> Can anyone explain to me what this means? > > IIRC there was a time when id_rsa could refer to either an > RSA1 key or RSA2 key. I believe ssh is first trying to read > the file as an RSA1 key, finding problems, and then opening it > as an RSA2 key. In fact, if you scroll down from there you probably > see a line like the following: > > debug1: identity file /home/somebody/.ssh/id_rsa type 1 > > which is a successful read (note the type is 1 and not -1). > > In other words, it's nothing to worry about. The messages are > a bit different under CentOS 7 (I suspect you're running CentOS 6 > on the client), but they say about the same thing. <snip> I would *strongly* recommend editing your /etc/ssh/sshd_config, and comment or delete the fallback, and replace it, like: #Protocol 2,1 Protocol 2 That way, it won't even try. mark _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos