# ownership issues with .ssh?

## NamfFohyr

hello:

when i use ssh, i keep getting messages saying "Failed to add the host to the list of known hosts."

this doesn't happen when i run as root.

the .ssh directory is owned by the appropriate user -- not root, but myself.

any ideas?

thanks,

ry

----------

## embobo

 *NamfFohyr wrote:*   

> hello:
> 
> when i use ssh, i keep getting messages saying "Failed to add the host to the list of known hosts."
> 
> this doesn't happen when i run as root.
> ...

 

Please post the output of running the ssh command in verbose mode: "ssh -v <host>"

----------

## NamfFohyr

```
user1@localhost ~ $ ssh -v user1@alva
OpenSSH_4.5p1, OpenSSL 0.9.8d 28 Sep 2006
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to alva [128.129.5.166] port 22.
debug1: Connection established.
debug1: identity file /home/user1/.ssh/identity type -1
debug1: identity file /home/user1/.ssh/id_rsa type -1
debug1: identity file /home/user1/.ssh/id_dsa type -1
debug1: Remote protocol version 1.99, remote software version OpenSSH_4.5
debug1: match: OpenSSH_4.5 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_4.5
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-cbc hmac-md5 none
debug1: kex: client->server aes128-cbc hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
The authenticity of host 'alva (128.129.5.166)' can't be established.
RSA key fingerprint is 97:bf:a3:60:87:a1:ad:e1:e1:9e:44:2c:d4:e8:8b:91.
Are you sure you want to continue connecting (yes/no)? yes
Failed to add the host to the list of known hosts (/home/user1/.ssh/known_hosts).
debug1: ssh_rsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey,gssapi-keyex,gssapi-with-mic,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Trying private key: /home/user1/.ssh/identity
debug1: Trying private key: /home/user1/.ssh/id_rsa
debug1: Trying private key: /home/user1/.ssh/id_dsa
debug1: Next authentication method: keyboard-interactive
Password:
debug1: Authentication succeeded (keyboard-interactive).
debug1: channel 0: new [client-session]
debug1: Entering interactive session.
```

----------

## link1305

Is that IP address already in the known hosts file? If something on the machine changes (I'm not sure exactly what would need to change...) then it could be recognized as a different host and it would fail to add it to the file because it's already in there.

----------

## NamfFohyr

there is no .ssh/known_hosts file in my home ("user1") directory.

to see if this was the issue, i went:

```
su root
cd ~user1/.ssh
touch known_hosts
chown user1 known_hosts
chgrp user1 known_hosts
```

but this didn't fix the problem.

this does seem like a permissions issue though. my user has his own group; is that perhaps the problem?

----------

## didymos

Does the file /home/user1/.ssh/known_hosts exist?  If not, try doing "touch /home/user1/.ssh/known_hosts" and running ssh again. 

[edit] Ok, never mind that. However, I also have a user with its own group and never had a problem with ssh.

----------

## didymos

Oh, yeah, little chown trick.  Instead of "chown user1  <file>" then "chgrp user1 <file>", you can do both with "chown user1: <file>".

----------

## embobo

 *NamfFohyr wrote:*   

> there is no .ssh/known_hosts file in my home ("user1") directory.
> 
> to see if this was the issue, i went:
> 
> ...

 

Try doing that again without the su part, i.e., as user1. Perhaps user1 cannot write to his own .ssh dir? Also what is the output of "ls -l ~user1/.ssh"?

----------

## NamfFohyr

oh yeah! i shouldn't need to be root to do that!

i get a "permission denied" when i try to do

```
ls -l ~user1/.ssh/
```

as user1. i don't know why there's a problem because user1 owns .ssh.

it shows the output in normal "ls -l" format, but every interesting character is a '?' except for the name of the file known_hosts.

----------

## embobo

 *NamfFohyr wrote:*   

> oh yeah! i shouldn't need to be root to do that!
> 
> i get a "permission denied" when i try to do
> 
> ...

 

It sounds like you might have filesystem corruption. I recommend booting from CD and running fsck on it.

----------

## JeliJami

try the following:

```
$ su - root
# chmod 700 ~user1/.ssh
# chmod 600 ~user1/.ssh/known_hosts
# chown -R user1 ~user1/.ssh/
# exit
$
```

and try again

----------

## didymos

Usually, when files end up in that "???????" state, you can't do anything with them.  Even delete.  You need to fsck the partition.

----------

## JeliJami

 *didymos wrote:*   

> Usually, when files end up in that "???????" state, you can't do anything with them.  Even delete.  You need to fsck the partition.

 

Incorrect:

Use SSHFS to mount some dir on another machine.

Now ls -l the mounted parent directory as user root:

```
$ whoami
david
$ mkdir mnt/test
$ sshfs server:/home/david mnt/test
$ ls -l mnt/
drwxr-xr-x 1 david david 4096 Jun 20 17:13 test
$ sudo su -
# whoami
root
# ls -l /home/david/mnt/
d????????? ? ?     ?        ?            ? test
```

(with sshfs, this can be overridden with options allow_others or allow_root)

----------

## Eddy

I also had this problem, for me it was solved by removing (just rm -r as user) the .ssh directory. If you then use ssh, it will automatically create the directory.

----------

## NamfFohyr

thanks all!

too bad the "f*ck the partition" advice came first! i should have tried deleting the directory.

still, to this UNIX initiate, it seems that permissions are too integral to the OS to have something like this mess up and for it to be a minor issue.

it's amazing that the solution could be as easy as deleting the .ssh directory!

ry

----------

## didymos

 *NamfFohyr wrote:*   

> too bad the "f*ck the partition" advice came first! i should have tried deleting the directory.

 

I did say "usually".

----------

## NamfFohyr

after reinstalling everything, the problem reappeared. 

i could solve the problem by deleting the .ssh directory.

so this problem is fixed. but is it solved...?

ry

----------

## trizz

Yeah, same problem here...  deleted ~/.ssh

Fixed? yes. Solved? IMHO... no.

----------
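An added example, not part of any post in this thread: for a local directory, `ls -l` prints names with `?` in every other column when the owner can read the directory but lacks search (x) permission on it, and in that state ssh also cannot create or append to `known_hosts`. The hypothetical helper `check_ssh_dir` below checks the owner and mode bits ssh needs; that this was the cause for the posters is an assumption, since the thread never confirms it.

```shell
#!/bin/sh
# Added example (not from the thread): check the owner and mode bits ssh needs on ~/.ssh.
# check_ssh_dir DIR [UID] prints one finding per line; returns 0 only when nothing is wrong.
check_ssh_dir() {
    dir=$1
    want_uid=${2:-$(id -u)}      # numeric uid expected to own the directory
    rc=0
    if [ ! -d "$dir" ]; then
        echo "missing: $dir is not a directory (ssh creates it on first use)"
        return 1
    fi
    # ls -ldn prints the mode string and the numeric owner; no GNU stat required.
    set -- $(ls -ldn "$dir")
    mode=$1; uid=$3
    [ "$uid" = "$want_uid" ] || { echo "owner: uid $uid owns $dir, expected $want_uid"; rc=1; }
    # Owner search bit: without it, entries cannot be stat()ed or created.
    case $mode in d??[xs]*) ;; *)
        echo "no-search: owner lacks x on $dir; ls -l shows '?' and known_hosts cannot be written"; rc=1 ;;
    esac
    # Owner write bit: needed to create known_hosts in the directory.
    case $mode in d?w*) ;; *)
        echo "no-write: owner lacks w on $dir; known_hosts cannot be created"; rc=1 ;;
    esac
    # Group or world write on ~/.ssh is too permissive.
    case $mode in ?????w*|????????w*)
        echo "loose: $dir is group- or world-writable; use chmod 700"; rc=1 ;;
    esac
    # known_hosts itself must be owned and writable by the user, if it is visible.
    kh=$dir/known_hosts
    if [ -f "$kh" ]; then
        set -- $(ls -ln "$kh")
        case $1 in -?w*) ;; *) echo "no-write: owner lacks w on $kh"; rc=1 ;; esac
        [ "$3" = "$want_uid" ] || { echo "owner: uid $3 owns $kh, expected $want_uid"; rc=1; }
    fi
    return $rc
}

# Run as: sh thisfile --check [DIR]   (DIR defaults to ~/.ssh)
if [ "${1:-}" = "--check" ]; then
    check_ssh_dir "${2:-$HOME/.ssh}"
fi
```

Any `no-search`, `no-write` or `owner` finding is cleared by the `chmod 700`, `chmod 600` and `chown -R` commands posted earlier in the thread.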

