Re: [SLUG] Setting up ssh advice?

Thu, 14 Aug 2003 13:12:33 -0700 

On 13 Aug, John Clarke wrote:
>  Please stop doing this.  I'm on this list, don't send me a separate 
>  copy. 

Very sorry; and I've done it again in the reply to the email before
this one.  :-(  Sorry, sorry.

>  > + echo -n 'Generating SSH1 RSA host key: ' 
>  > Generating SSH1 RSA host key: + /usr/bin/ssh-keygen -q -t rsa1 -f 
> /etc/ssh/ssh_host_key -C '' -N '' 
>  > + chmod 600 /etc/ssh/ssh_host_key 
>  > + chmod 644 /etc/ssh/ssh_host_key.pub 
>  > + success 'RSA1 key generation' 
>  [snip] 
>  > Starting sshd:+ initlog -c '/usr/sbin/sshd ' 
>  > Disabling protocol version 1. Could not load host key 
>   
>  So does your sshd_config point to the same key file that the script is 
>  generating? 

I was going to say yes, but I have to say no.  In /etc/ssh/sshd_config:

HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

And from the restart:

+ do_rsa_keygen
+ '[' '!' -s /etc/ssh/ssh_host_rsa_key ']'
+ echo -n 'Generating SSH2 RSA host key: '
Generating SSH2 RSA host key: + /usr/bin/ssh-keygen -q -t rsa -f 
/etc/ssh/ssh_host_rsa_key -C '' -N ''
+ chmod 600 /etc/ssh/ssh_host_rsa_key
+ chmod 644 /etc/ssh/ssh_host_rsa_key.pub
+ success 'RSA key generation'

I had removed the RSA 1 definition when the error first started
occurring.

luke> And modified sshd_config like so:
luke> 
luke>     # HostKey for protocol version 1
luke>     HostKey /etc/ssh/ssh_host_key
luke>     # HostKeys for protocol version 2
luke>     #HostKey /etc/ssh/ssh_host_rsa_key
luke>     HostKey /etc/ssh/ssh_host_dsa_key
luke> 
luke> But restarting sshd on the 7.2 RH system gives this error:
luke> 
luke> # /etc/rc.d/init.d/sshd start
luke> Generating SSH2 RSA host key:                              [  OK  ]
luke> Starting sshd:Disabling protocol version 1. Could not load host key
luke>                                                            [  OK  ]

But adding it back in again has made the error vanish. I don't
understand why, but I'm not complaining.  Maybe there's a difference
between hitting "Enter" when prompted for a password and using the
option: -N ''  for ssh-keygen -t rsa.

# HostKey for protocol version 1
HostKey /etc/ssh/ssh_host_key

John, many thanks for all your help and patience.

luke

-- 
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug

Reply via email to