Ask Your Question
0

Fedora 23 broke svn+ssh

asked 2015-11-09 14:43:30 -0500

Per Bothner gravatar image

After I updated my laptop Fedora 23, I'm having problems with ssh-based svn and cvs connection.

Plain ssh to another host (as well as ssh back to my laptop) work.

Plain svn checkout works: svn checkout svn://sourceware.org/svn/kawa/trunk kawa

svn+ssh checkout no longer works:

$ svn checkout svn+ssh://sourceware.org/svn/kawa/trunk kawa svn: E170013: Unable to connect to a repository at URL 'svn+ssh://sourceware.org/svn/kawa/trunk' svn: E210002: To better debug SSH connection problems, remove the -q option from 'ssh' in the [tunnels] section of your Subversion configuration file. svn: E210002: Network connection closed unexpectedly

I tried setting SELINUX to permissive, but that didn't help.

BTW the same things happens with cvs:

$ cvs update The authenticity of host 'cvs.savannah.gnu.org (208.118.235.72)' can't be established. RSA key fingerprint is SHA256:FYkx0iik+iBeCLRzvUyUSTRT98TEBBJoYuQsTXbyGL8. RSA key fingerprint is MD5:80:5a:b0:0c:ec:93:66:29:49:7e:04:2b:fd:ba:2c:d5. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added 'cvs.savannah.gnu.org,208.118.235.72' (RSA) to the list of known hosts. Permission denied (publickey). cvs [update aborted]: end of file from server (consult above messages if any)

The only thing that has changed (I think) is updating to Fedora 23.

The Fedora 23 Release Notes mention something about some ssh changes (seem like some old encryption methods were removed/deprecated), but I haven't found anything helpful about this problem or what to do about it.

edit retag flag offensive close merge delete

Comments

First selinux is not you issue, it looks like the know_hosts on you .ssh/ folder do not have or has a different finger print, review the file entry and remove it if it has a conflict just allow it so it is added to your know_hosts file. Hope this help

aeperezt gravatar imageaeperezt ( 2015-11-09 14:47:34 -0500 )edit

The known_hosts file is not the issue, as you can see from the cvs example (which unfortnately got formatted rather badly - sorry).

Per Bothner gravatar imagePer Bothner ( 2015-11-09 18:25:14 -0500 )edit

2 Answers

Sort by ยป oldest newest most voted
0

answered 2015-11-09 16:45:40 -0500

Rabin gravatar image

Fedora 23 comes with OpenSSH version 7, which remove some legacy cryptography, and it seems that now there is no lapping crypro between your machine and the remote server, and this why you can't initiate a connection.

You can try and use a older version of OpenSSH.

edit flag offensive delete link more
0

answered 2015-11-10 11:58:09 -0500

Per Bothner gravatar image

It turned out that sourceware.org only had an old ssh1 public key for me, which was no longer supported by OpenSSH 7. I emailed my (existing) id_dsa.pub and id_rsa.pub to an admit, who installed them. It now works.

edit flag offensive delete link more

Question Tools

1 follower

Stats

Asked: 2015-11-09 14:43:30 -0500

Seen: 468 times

Last updated: Nov 09 '15