× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Yeah...you have to change permissions for the files and directories.
Check out this document:

Document Number: 386077821
Functional Area: Communications-TCP
Subfunctional Area: Security
Sub-Subfunctional Area: OpenSSH
OS/400 Release: V5R3M0
Product: PORTABLE UTILITIES FOR I5/OS (5733SC101)
Product Release: N/A

I'm sending you the email I got from IBM that contains this document.

On Fri, Apr 18, 2008 at 8:59 AM, Jon S <rvrratjon@xxxxxxxxxxx> wrote:

It is a unix box running ssh2. I just copied the
ssh_host_rsa_key.pub file from the Qopensys... Directory to my ~/.ssh directory and ran
ssh-keygen -e -f /home/gla/.ssh/ssh_host_rsa_key.pub > /home/gla/.ssh/ssh
_host_rsa_key.pub
and got a bunch of errors starting with

WARNING: UNPROTECTED PRIVATE KEY FILE!
Permissions 0644 for '/home/gla/.ssh/ssh_host_rsa_key.pub' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /home/gla/.ssh/ssh_host_rsa_key.pub

It looks like it thinks that my public key file is a private key. Any ideas?> Date: Fri, 18 Apr 2008 08:37:27 -0400> From: michaelrtr@xxxxxxxxx> To: midrange-l@xxxxxxxxxxxx> Subject: Re: sftp problems> > Is it a Unix box running SSH2? Check this> out...http://archive.midrange.com/midrange-l/200711/msg01240.html> > On Fri, Apr 18, 2008 at 8:33 AM, Jon S <rvrratjon@xxxxxxxxxxx> wrote:> >> > I am trying to get sftp up and running for a customer that needs to connect to a vendor. I have gone through all of the setup on the i and have verified that the vendor has loaded my public key on their host but I am still unable to connect. Below is the debug information that i am getting from -vvv, I just don't know what it's telling me. Any help would be appreciated.> >> > Thanks, Jon> >> > OpenSSH_3.5p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7d 17 Mar 2004debug1: Reading configuration data /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_configdebug3: Seeding PRNG from /QOpenSys/Q
IBM/ProdData/SC1/OpenSSH/openssh-3.5p1/libexec/ssh-rand-helperdebug1: Rhosts Authentication disabled, originating port will not be trusted.debug1: ssh_connect: needpriv 0debug1: Connecting to connect2.thehost.com [xxx.xxx.xxx.xxx] port 10022.debug1: Connection established.debug1: identity file /home/GLA/.ssh/id_rsa type -1debug1: identity file /home/GLA/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version Connect:Enterprise_UNIX_2.4.02 debug1: no match: Connect:Enterprise_UNIX_2.4.02 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.5p1 debug3: RNG is ready, skipping seeding debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,d> iff> > ie-hellman- group1-sha1 debug2: kex_parse_kexinit: ssh-rsa,ssh-dss debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfo ur,aes192-cbc,aes256-cbc,rijndael-cbc@xxxxxxxxxx
u.se debug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc,rijndael-cbc@xxxxxxxxxxxxxxxxxxxx: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-ripemd160@xxxxxxxxxxx,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: none,zlibdebug2: kex_parse_kexinit: none,zlibdebug2: kex_parse_kexinit:debug2: kex_parse_kexinit:debug2: kex_parse_kexinit: first_kex_follows 0debug2: kex_parse_kexinit: reserved 0debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha1,diffie-hellman-group1-sha1debug2: kex_parse_kexinit: ssh-rsadebug2: kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbcdebug> 2:> > kex_parse_kexinit: aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbcdebug2: kex_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96debug2: ke
x_parse_kexinit: hmac-md5,hmac-sha1,hmac-ripemd160,hmac-sha1-96,hmac-md5-96debug2: kex_parse_kexinit: none,zlibdebug2: kex_parse_kexinit: none,zlibdebug2: kex_parse_kexinit:debug2: kex_parse_kexinit:debug2: kex_parse_kexinit: first_kex_follows 0debug2: kex_parse_kexinit: reserved 0debug2: mac_init: found hmac-md5debug1: kex: server->client aes128-cbc hmac-md5 nonedebug2: mac_init: found hmac-md5debug1: kex: client->server aes128-cbc hmac-md5 nonedebug1: SSH2_MSG_KEX_DH_GEX_REQUEST sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_GROUPdebug1: dh_gen_key: priv key bits set: 128/256debug1: bits set: 1595/3191debug1: SSH2_MSG_KEX_DH_GEX_INIT sentdebug1: expecting SSH2_MSG_KEX_DH_GEX_REPLYdebug3: check_host_in_hostfile: filename /home/GLA/.ssh/known_hostsdebug3: check_host_in_hostfile: filename /QOp> enS> > ys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_known_hostsdebug3: check_host_in_hostfile: filename /home/GLA/.ssh/known_hostsdebug3: check_host_in_hostfile: filename /QOpenSys/QI
BM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_known_hostsdebug3: check_host_in_hostfile: filename /home/GLA/.ssh/known_hostsdebug3: check_host_in_hostfile: filename /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_known_hostsdebug2: no key of type 0 for host connect2.intrado.comdebug3: check_host_in_hostfile: filename /home/GLA/.ssh/known_hosts2debug3: check_host_in_hostfile: filename /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_known_hosts2debug3: check_host_in_hostfile: filename /home/GLA/.ssh/known_hostsdebug3: check_host_in_hostfile: filename /QOpenSys/QIBM/ProdData/SC1/OpenSSH/openssh-3.5p1/etc/ssh_known_hostsdebug2: no key of type 2 for host connect2.intrado.comdebug2: readpassphrase: not a 5250 return ENOTTYHost key verification failed.debug1: Calling cleanup 0x200> 13a> > 74(0x0)> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > _________________________________________________________________> > More immediate than e-mail? Get instant access with Wi
ndows Live Messenger.> > http://www.windowslive.com/messenger/overview.html?ocid=TXT_TAGLM_WL_Refresh_instantaccess_042008> > --> > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list> > To post a message email: MIDRANGE-L@xxxxxxxxxxxx> > To subscribe, unsubscribe, or change list options,> > visit: http://lists.midrange.com/mailman/listinfo/midrange-l> > or email: MIDRANGE-L-request@xxxxxxxxxxxx> > Before posting, please take a moment to review the archives> > at http://archive.midrange.com/midrange-l.> >> >> -- > This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list> To post a message email: MIDRANGE-L@xxxxxxxxxxxx> To subscribe, unsubscribe, or change list options,> visit: http://lists.midrange.com/mailman/listinfo/midrange-l> or email: MIDRANGE-L-request@xxxxxxxxxxxx> Before posting, please take a moment to review the archives> at http://archive.midrange.com/midrange-l.>
_________________________________________________________________
Get in touch in an instant. Get Windows Live Messenger now.
http://www.windowslive.com/messenger/overview.html?ocid=TXT_TAGLM_WL_Refresh_getintouch_042008


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.