Attempting to open an ssh session to any remote host fails when attempted by a non-root user. The error message is ssh_askpass: exec(/usr/lib/misc/ssh-askpass): No such file or directory Host key verification failed. Yes, ssh-askpass is not installed as the client system is not running X. When the root user executes the same command (ssh remoteuser@remotehost) the ssh client displays the password prompt on stdout, accepts the password on stdin, and opens the session successfully. I've seen evidence that others are encountering this problem: http://www.derkeiler.com/Mailing-Lists/securityfocus/Secure_Shell/2003-11/0016.html and http://lists.debian.org/debian-ssh/2004/04/msg00058.html
I would check to see if you have "SSH_ASKPASS" and "DISPLAY" are set.
The "Host key verification failed" message persists even after DISPLAY is unset. Here's a transcript of a session showing the error messages with and without DISPLAY set, and a successful Password: prompt when run as root. (I can attach output of ssh -vvv if it would be helpful) Script started on Sun May 23 13:05:27 2004 [MY_USERNAME@epic] ~ [501]$ echo $DISPLAY [MY_USERNAME@epic] ~ [502]$ echo $SSH_ASKPASS [MY_USERNAME@epic] ~ [503]$ ssh grace.speakeasy.net Host key verification failed. [MY_USERNAME@epic] ~ [504]$ DISPLAY=:0 ssh grace.speakeasy.net ssh_askpass: exec(/usr/lib/misc/ssh-askpass): No such file or directory Host key verification failed. [MY_USERNAME@epic] ~ [505]$ su Password: [root@epic] /home/MY_USERNAME [500]$ echo $DISPLAY [root@epic] /home/MY_USERNAME [501]$ echo $ASKPASS [root@epic] /home/MY_USERNAME [502]$ ssh MY_USERNAME@grace.speakeasy.net Password: [root@epic] /home/MY_USERNAME [503]$ exit [MY_USERNAME@epic] ~ [506]$ Script done on Sun May 23 13:06:24 2004
Sounds like you have a bad .ssh/known_hosts entry. Compare the entry with that of roots. I suspect you'll find them to be different.
Negative, there is no ~/.ssh/known_hosts file at all. I confirmed that it applies to all nonroot accounts by creating a new user and trying to ssh as that new user -- same thing.
Does /dev/tty exist and does it have the correct permissions? $ ls -l /dev/tty crw-rw-rw- 1 root root 5, 0 May 12 13:29 /dev/tty
/dev/tty is mode 660 rather than 666 as shown below: [root@epic] ~ [504]$ ls -l /dev/tty crw-rw---- 1 root root 5, 0 Dec 31 1969 /dev/tty Could the difference in permissions be a BSD vs. Linux issue? I've never changed any permissions in /dev so they were determined by the Gentoo maintainers. When I changed the permissions to 666 the problem was resolved, however I'm curious if they were originally set to 660 for a good reason. Also, a Google search using some keywords from the previous comment reveals that this bug appears to be a duplicate of bug 471 for which a patch has been submitted. For now I've changed permissions on /dev/tty which has resolved the issue -- thanks to everyone for your assistance.
No, a mode 660 /dev/tty is not a BSD/Linux thing, it's just wrong, and if Gentoo's installer makes it that way then it's buggy. *** This bug has been marked as a duplicate of 471 ***