Linux by Trial and Error

A repository of the things I learn about Linux

SSH RSA Key Errors

Recently, I received an error when trying to connect to a new server via SSH. It was a newly built server and was built using Red Hat‘s Kickstart. I had already built other servers using the same Kickstart profile, so I figured the script was not likely the problem.

Before I get into that, let’s first go over the error I was getting when I tried to connect via SSH:

buffer_get_ret: trying to get more bytes 257 than in buffer 235
buffer_get_string_ret: buffer_get failed
buffer_get_bignum2_ret: invalid bignum
key_from_blob: can’t read rsa key
key_read: key_from_blob AAAAB3NzaC1yc2EAAZABIwAAAQEAwnCNsm+WKwBR8hSAInR4t3WgVGuvVY6xGz7Udo0jLRL/vpJbq1Kb0QupZ3qK8dnDbPbjCpC9w523MbraXXToyTP6riMXD19H1QfaeROY1fTv8ev7ZvNnfaHoN/Ifz3uPsKtRPmRKsxgF0/+2wmei2WLGDiHzOi7tiUXhSnLrgd7dldUtahOlw3tbp+GBVlTRenDbokXwi8Ru5oWqkY6jyBRVhDMO8AgowukNj/CoXQY59w6SI+ngEFxpCnSO78LuIRWceSSAsBXunr+843VbgBdgnIYaT0sMICQy/ieGiBoqT3pe166mWC failed
buffer_get_ret: trying to get more bytes 257 than in buffer 235
buffer_get_string_ret: buffer_get failed
buffer_get_bignum2_ret: invalid bignum
key_from_blob: can’t read rsa key
key_read: key_from_blob AAAAB3NzaC1yc2EAAZABIwAAAQEAwnCNsm+WKwBR8hSAInR4t3WgVGuvVY6xGz7Udo0jLRL/vpJbq1Kb0QupZ3qK8dnDbPbjCpC9w523MbraXXToyTP6riMXD19H1QfaeROY1fTv8ev7ZvNnfaHoN/Ifz3uPsKtRPmRKsxgF0/+2wmei2WLGDiHzOi7tiUXhSnLrgd7dldUtahOlw3tbp+GBVlTRenDbokXwi8Ru5oWqkY6jyBRVhDMO8AgowukNj/CoXQY59w6SI+ngEFxpCnSO78LuIRWceSSAsBXunr+843VbgBdgnIYaT0sMICQy/ieGiBoqT3pe166mWC failed
The authenticity of host ‘rhnsat1 (10.0.175.12)’ can’t be established.
RSA key fingerprint is 9d:5d:78:45:fb:6e:a5:2e:5b:58:83:ac:2b:af:b9:24.
Are you sure you want to continue connecting (yes/no)? no
Host key verification failed.

Now, to be clear, this did not prevent me from logging into the server. But it logged me in while warning me that the authenticity of the server could not be verified.  So, what’s an admin to do? Search Google, of course.

Unfortunately, that search was fruitless as every hit I got related to this kind of error was referencing the use of RSA key authentication and I was not using key authentication. I was simply using a username/password which authenticates to LDAP. Imagine my chagrin.

As a quick test, I logged in as root on my system and attempted an SSH connection to the remote server. This time, I did not get the error.  I logged off and back in and still didn’t get the error. Next, I logged out as root, back in as me and looked in my ~/.ssh/known_hosts file. There was my new server at the end of the file. I removed it and went to save the file….and got an error that it couldn’t write….Interesting.

Logged back in as root and edited the file and it let me remove the entry for that new server and save my known_hosts file just fine. This led me to verify the permissions on the known_hosts file. They were correct. I owned it and I had RW access to it. So, why did it not allow me to save it?

I ran ‘df -h’ on a hunch and what, to my wondering eyes should appear? A line showing that my /home partition was at 100% capacity! Well, darn it all if that didn’t explain a thing or two.

As it turns out, I had recently attempted to download a particularly large file (the RHEL6.4 DVD .iso) and it hadn’t downloaded because it was too large. But I had forgotten that I never went back and deleted the partial file.

Once that file was deleted, I was able to edit my known_hosts file, SSH to my new server, log back out, re-SSH to my new server and my errors were a thing of the past.

*whew*

Not sure why, but it always seems to come down to the little things. So, hopefully, there is someone out there who is getting this error and is NOT using RSA key authentication and will find this helpful. If not, it can at least serve as a reminder to me to check this in the future.

July 30, 2013 Posted by | authentication, errors, ssh | , , | Leave a comment