SSH rejects my host key for version 2 only.
 

I'm trying to get ssh to run, but when I run sshd, is says "Disabling protocol version 2. Could not load host key." I have it set for both SSH1 and SSH2, and before I fixed another problem, it said:

Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key

So I figure that when it leaves out "Disabling protocol version 1" it means version 1 works. According to "man sshd" the HostKey directive sets the key for both SSH1 and SSH2.

Why does only version 1 work?

you may have enabled protocol version 2, but did you generate the public/private keys to go with it? if not, it won't work.

Protocol 1 works because the keys are generated automatically when the machine is installed for the first time (or when SSH is installed for the first time).

let me know if you already generated SSH keys for Protocol 2 or not... if you didn't, i'll tell ya how :D

As far as I know ssh-keygen is the way to create keys. You're saying there's another one? I wish my book would have told me that. How do you create keys for SSH2?

Look in /etc/ssh. Typically there are 3 sets of keys. If you don't have them, then generate the missing ones using:

ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ""
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""

Hey, it works! :D - sort of. After I did all that with the keys, I logged, and it never did a thing afterwords. It didn't even give me a prompt. The log for my SSH client said that the login was successful. Now when I try to log in it does nothing until the connection times out. What's wrong now?

can you post the output from your terminal? it's kinda difficult to see what's happening without the output...

sounds like the daemon isn't running though, if ur getting connection refused...

It's like this:

login: root
password:<password>
<nothing....>

And that's about as far as it gets. When I try to log in again, it never responds. Once it did this:

login: root
<nothing.....>

It's strange.

that is a bit strange... i'm not sure why it's asking for a "login:" though... ssh doesn't normally do that ...unless you are using PuTTY on a windoze machine, of course :D

how long did you wait before determining that it was indeed doing *nothing*?? i can take a minute or two very occasionally. i would wait for as long as it takes to get an error message if i were you.

Well, now that you mention it, I am using PuTTY.

When the connection isn't working right, I just wait and wait until a box pops up that says the connection timed out.

hmm.... very strange.... with PuTTY, it does the following steps:

1. PuTTYonnects to TCP/IP port.

2. PuTTY prompts for username.

3. PuTTY sends username to server, and waits for password prompt response.

From this point on, PuTTY isn't doing anything except displaying what the remote server throws at it.

Therefore, the password prompt comes from the SSH server you are connecting to... which indicates that the daemon is working and running.

I have absolutely no idea why it times out after logging in though. Have you tried creating a new normal user account, and using that to log in with? it could be a weird issue with your own user account.

Well, I forgot my normal account's password, so I had to do a little cutting and pasting before I could log in with that account. It went a bit farther this time. The output was as follows:

login: travis
password:<password>
Last login on <whenever>
<nothing....>

It never told me my last login before. I tried it again, and it didn't do anything. Now what should I do?

ok... a possible reason for it not working before was that you were logging in as root.... (that's how i read it anyhow) :D remote logins as root are not permitted on most machines.

when you say it logged in fine with user 'travis', you said it told you your last login, but then did nothing... what do you mean "nothing"?? did it give you an error? did it time out? did PuTTY display a dialog box?

"Nothing" means it sits there, the cursor blinks, and eventually PuTTY pops up a little box telling me that the connection timed out.

I don't see why it wouldn't like root logins. I've got EnableRootLogins set to "yes". Is there something else I should do so that it will be happier with root logins?

nah... that's all u need to do to enable remote root logins. it's not recommended though, of course :D

as for it timing out... it sounds like your daemon is crashing, maybe... it is active to begin with (cos it asks for your password), but then it times out, so i think it's hanging or crashing.
does your machine have a *really* high load on it, or did you compile the SSH daemon yourself??

:D

SSH installed when Linux installed, and I'm the only one accessing my PS2. It isn't even hooked up to the Internet.

However, I was thinking that since the Playstation 2 probably has the biggest ratio of CPU power to RAM (~5 Gigaflops/32 Mb), I'd try it without X running. It got a little bit further this time. The output is as follows:

login as: travis
travis@10.0.0.3's password:
Last login: Mon Aug 4 19:04:20 2003 from 10.0.0.2
[travis@pstwo travis]$ ls -al
total 152
drwx------ 12 travis travis 4096 Aug 4 18:54 .
drwxr-xr-x 7 root root 4096 May 22 19:58 ..
-rw------- 1 travis travis 0 May 23 18:59 .ICEauthority
-rw------- 1 travis travis 99 Aug 4 18:50 .Xauthority
-rw-r--r-- 1 travis travis 4846 May 22 19:58 .Xdefaults
-rw------- 1 travis travis 160 Aug 4 21:43 .bash_history
-rw-r--r-- 1 travis travis 24 May 22 19:58 .bash_logout
<nothing....>

Then after about five seconds, it said "Connection reset by peer." You can see that it says "total 152", so it didn't even finish "ls -al" before it quit.

A 286 could probably do SSH and X at the same time without crashing, so I doubt this is the matter.