SSH: DSA Key Issue: Unknown code krb5 195

I was attempt­ing to set up an SSH key between two servers, so I could auto­mat­i­cal­ly back up a file from one to the oth­er. This is usu­al­ly a fair­ly straight­for­ward and rou­tine pro­ce­dure; but in this case I had some issues. 

When I got every­thing set-up, with the pub­lic key in the accepted_keys file of the remote server, I saw this error when run­ning in debug mode, then I was asked for a pass­word, which should not hap­pen.

[me@host ~]$ ssh -v root@remotehost
...
debug1: Unspecified GSS failure.  Minor code may provide more information
Unknown code krb5 195


I was try­ing to get an old server run­ning Fedo­ra Core release 6 (Zod) to trust a rel­a­tive­ly new server Red Hat Enter­prise Lin­ux Server release 5.6 (Tikan­ga) for a dai­ly rsync of some files. 

After a few tries, it became appar­ent that the DSA pub­lic key I had load­ed on the Fedo­ra 6 machine was not work­ing. Being a bit reluc­tant to start tin­ker­ing around with the SSH Dae­mon on a machine that is hun­dreds of miles away, I decid­ed to try anoth­er pos­si­bil­i­ty, cre­at­ing an RSA key on the RHEL 5.6 server and append­ing that server’s pub­lic key to the accepted_keys file.

After gen­er­at­ing an an RSA key and fol­low­ing the prompts, then copy­ing over the id_rsa.pub to the authorized_keys file, every­thing worked fine.

[me@host ~]$ ssh-keygen -t rsa

Just a quick workaround that I hope will help oth­ers with a sim­i­lar predica­ment. In case you don’t feel like tin­ker­ing with an SSHD con­fig­u­ra­tion file and pos­si­bly los­ing access to your server if you make a mis­take.

Leave a Reply

Your email address will not be published. Required fields are marked *