>> ... >> Are you sure that the ssh-keysign is really OpenSSH 6.6p1's? The error >> you are getting below is consistent with an old ssh-keysign choking >> on a key type that it doesn't understand (e.g. Ed25519). >> ... I applied the patch to ssh-keysign.c, compiled from scratch and did the install. Here are the differences between the log I sent previously and for the current install (I went ahead and started the 6.6p1 sshd): 25,26c25,26 < debug1: Remote protocol version 2.0, remote software version OpenSSH_6.5 < debug1: match: OpenSSH_6.5 pat OpenSSH* compat 0x04000000 --- > debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6 > debug1: match: OpenSSH_6.6 pat OpenSSH* compat 0x04000000 127c127 < no matching hostkey found --- > no matching hostkey found for key ED25519 41:cd:e0:03:3f:32:4e:a3:1c:34:b9:c9:8d:cc:d8:d2 So yes, the key in question is the ED25519 key. The files /etc/ssh/ssh_host_ed25519_key and /etc/ssh/ssh_host_ed25519_key.pub, exist. However, the ED25519 key didn't exist in the /etc/ssh/ssh_known_hosts file. Adding that key changes the behavior some, but I still get the following when running 'ssh <HOST>': no matching hostkey found for key ED25519 41:cd:e0:03:3f:32:4e:a3:1c:34:b9:c9:8d:cc:d8:d2 ssh_keysign: no reply key_sign failed bowman@<HOST>'s password: Permission denied, please try again. bowman@<HOST>'s password: Including the spurious password prompt, which doesn't wait for input. Pieter _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev