Hi, after having updated the openssh package on a SuSE Linux 7.1 system, sshd says: "Disabling protocol version 2. Could not load host key" Deleting /etc/ssh/ssh_host_key and letting the start script regenerate it does not seem to help. What's wrong? Thanks, Robert -- Where do you want to be tomorrow? Entracom. Building Linux systems. http://www.entracom.de
Hi,
after having updated the openssh package on a SuSE Linux 7.1 system, sshd says: "Disabling protocol version 2. Could not load host key" Deleting /etc/ssh/ssh_host_key and letting the start script regenerate it does not seem to help. What's wrong?
It wants to have the protocol version 2 dsa host key: /etc/ssh/ssh_host_dsa_key and ssh_host_dsa_key.pub. It should be created by the start script as well.
Thanks, Robert
Thanks,
Roman.
--
- -
| Roman Drahtmüller
On Tuesday, 26. March 2002 18:10, Roman Drahtmueller wrote:
Hi,
after having updated the openssh package on a SuSE Linux 7.1 system, sshd says: "Disabling protocol version 2. Could not load host key" Deleting /etc/ssh/ssh_host_key and letting the start script regenerate it does not seem to help. What's wrong?
It wants to have the protocol version 2 dsa host key: /etc/ssh/ssh_host_dsa_key and ssh_host_dsa_key.pub. It should be created by the start script as well.
When I delete those two files, the start script recreates them, but I still get the same error. Any ideas? What exactly causes the error message "Could not load host key"? I guess I will have to look at the source code tomorrow...
Thanks, Robert
Thanks, Roman.
Thanks, Robert -- Where do you want to be tomorrow? Entracom. Building Linux systems. http://www.entracom.de
Hi Robert On 2002.03.26 22:49 Robert Szentmihalyi wrote:
When I delete those two files, the start script recreates them, but I still get the same error. Any ideas? What exactly causes the error message "Could not load host key"? I guess I will have to look at the source code tomorrow...
File ownership / permissions problems? Just $0.02 Maf.
Thanks, Robert
-- Where do you want to be tomorrow?
Entracom. Building Linux systems. http://www.entracom.de
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
Am Die, 2002-03-26 um 23.49 schrieb Robert Szentmihalyi:
On Tuesday, 26. March 2002 18:10, Roman Drahtmueller wrote:
Hi,
after having updated the openssh package on a SuSE Linux 7.1 system, sshd says: "Disabling protocol version 2. Could not load host key" Deleting /etc/ssh/ssh_host_key and letting the start script regenerate it does not seem to help. What's wrong?
It wants to have the protocol version 2 dsa host key: /etc/ssh/ssh_host_dsa_key and ssh_host_dsa_key.pub. It should be created by the start script as well.
When I delete those two files, the start script recreates them, but I still get the same error. Any ideas? What exactly causes the error message "Could not load host key"? I guess I will have to look at the source code tomorrow...
look in the sshd_config, you need these lines # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key after some updates, i've had the same problem, but only these lines were not present. hope this helps -- mfg alex ------------------------------------------------------------------------ I am chaos. I am the substance from which your artists and scientists build rhythms. I am the spirit with which your children and clowns laugh in happy anarchy. I am chaos. I am alive, and tell you that you are free
On Wed, 27 Mar 2002, Alexander Thoma wrote:
Am Die, 2002-03-26 um 23.49 schrieb Robert Szentmihalyi:
What exactly causes the error message "Could not load host key"? I guess I will have to look at the source code tomorrow...
look in the sshd_config, you need these lines
# HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key
Robert - did this work for you? I upgraded SuSE 7.3 with their 2.9.9p2 rpm and also have these lines in here -- it is working fine. I made one change 9c9,10 < Protocol 1,2 ---
#Protocol 1,2 Protocol 2
In general, I suggest using your favorite compare utility to compare sshd_config and sshd_config.rpmnew and make a judgement on the value of the rpm package defaults. Below is a typical protocol 2 log from putty to my SuSE sshd. Best regards,, dproc C:\WINNT>pscp -v david1@192.168.1.201:/var/tmp/mins0327.pdf \data\ Looking up host "192.168.1.201" Connecting to 192.168.1.201 port 22 Server version: SSH-2.0-OpenSSH_2.9.9p2 We claim version: SSH-2.0-PuTTY-Release-0.52 Using SSH protocol version 2 Doing Diffie-Hellman group exchange Doing Diffie-Hellman key exchange Host key fingerprint is: ssh-dss 1024 6e:16:8e:fd:c4:ae:0e:25:af:10:b8:02:c5:a2:e5:d8 Using username "david1". david1@192.168.1.201's password: Sent password Access granted Opened channel for session Started a shell/command Connected to 192.168.1.201
On Monday, 1. April 2002 21:17, dproc@dol.net wrote:
On Wed, 27 Mar 2002, Alexander Thoma wrote:
Am Die, 2002-03-26 um 23.49 schrieb Robert Szentmihalyi:
What exactly causes the error message "Could not load host key"? I guess I will have to look at the source code tomorrow...
look in the sshd_config, you need these lines
# HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key
Robert - did this work for you? I upgraded SuSE 7.3 with their 2.9.9p2 rpm and also have these lines in here -- it is working fine.
Yes, it works just fine. I realized what the problem was when I looked at the sshd_config on another SuSE 7.3 system. I just wonder how these two lines could get lost during the update...
I made one change
9c9,10 < Protocol 1,2 ---
#Protocol 1,2 Protocol 2
In general, I suggest using your favorite compare utility to compare sshd_config and sshd_config.rpmnew and make a judgement on the value of the rpm package defaults.
Below is a typical protocol 2 log from putty to my SuSE sshd.
Best regards,, dproc
C:\WINNT>pscp -v david1@192.168.1.201:/var/tmp/mins0327.pdf \data\ Looking up host "192.168.1.201" Connecting to 192.168.1.201 port 22 Server version: SSH-2.0-OpenSSH_2.9.9p2 We claim version: SSH-2.0-PuTTY-Release-0.52 Using SSH protocol version 2 Doing Diffie-Hellman group exchange Doing Diffie-Hellman key exchange Host key fingerprint is: ssh-dss 1024 6e:16:8e:fd:c4:ae:0e:25:af:10:b8:02:c5:a2:e5:d8 Using username "david1". david1@192.168.1.201's password: Sent password Access granted Opened channel for session Started a shell/command Connected to 192.168.1.201
-- Where do you want to be tomorrow? Entracom. Building Linux systems. http://www.entracom.de
** On Tue, 2 Apr 2002 23:45:56 +0200 Robert Szentmihalyi
After updating openssh to v3.1p1 (under SuSE 7.3), I am no longer able to access X based apps from remote using SSH2 (SuSE 7.1). It's being called from a script executed from an xterm: #! /bin/sh xhost + ssh <destination> xhost - The connection itself works fine, but if I attempt to run an X dependent application, I get an error - unable to connect to DISPLAY remote:0.0. I have edited the configuration file to enable X11forwarding. What next? JimW
On Wed, 27 Mar 2002, Jim Westbrook wrote:
After updating openssh to v3.1p1 (under SuSE 7.3), I am no longer able to access X based apps from remote using SSH2 (SuSE 7.1). It's being called from a script executed from an xterm:
#! /bin/sh xhost + ssh <destination> xhost -
The xhost statements should not be necessary.
The connection itself works fine, but if I attempt to run an X dependent application, I get an error - unable to connect to DISPLAY remote:0.0.
Was the contents of $DISPLAY reasonable before the call to ssh? The host part should be either localhost or something that can be resolved through dns. Try also ssh -X. You can see if what it does with ssh -v. If there is no error, either ssh thinks that you don't have an X connection or forwarding is disabled either on client or server side. Ciao, Roland main(int k,char**p){char*q=p[2];float i,j,r,x,y,a=*q++/4;for(y=a;--y>- a;puts(""))for(x=0;x++<*q;putchar(p[1][k%9]))for(i=k=r=0;j=r*r-i*i+(x/ *q*q[2]-q[1])/40,i=2*r*i+y/q[3],j*j+i*i<11&&++k<99;r=j);}
Am Mittwoch, 27. März 2002 09:00 schrieb Jim Westbrook:
After updating openssh to v3.1p1 (under SuSE 7.3), I am no longer able to access X based apps from remote using SSH2 (SuSE 7.1).
Iirc the default for X-Forwarding has been changed. In the past it was activated on default, now you must turn it on explicitly.
#! /bin/sh xhost + ssh <destination> xhost -
Remove both xhost lines because they are not used for X via ssh. Then change the ssh command to ssh -X <destination> Hth. -- Udo Burghardt
Jim, It sounds like something on the remote side (e.g. a .bashrc file) is foolishly setting the DISPLAY variable to a wrong value. ssh never sets DISPLAY to remote:0.0, it uses values like remote:10.0 or localhost:10.0. First of all you should remove the dangerous and unnecessary xhost commands. Then experiment to check (a) you really are using X forwarding (b) $DISPLAY is not being overwritten Try ssh -X remotehost 'echo $DISPLAY' and make sure the display number is non-zero. Bob On Wed, 27 Mar 2002, Jim Westbrook wrote:
After updating openssh to v3.1p1 (under SuSE 7.3), I am no longer able to access X based apps from remote using SSH2 (SuSE 7.1). It's being called from a script executed from an xterm:
#! /bin/sh xhost + ssh <destination> xhost -
The connection itself works fine, but if I attempt to run an X dependent application, I get an error - unable to connect to DISPLAY remote:0.0.
I have edited the configuration file to enable X11forwarding.
What next?
JimW
-- To unsubscribe, e-mail: suse-security-unsubscribe@suse.com For additional commands, e-mail: suse-security-help@suse.com Security-related bug reports go to security@suse.de, not here
============================================================== Bob Vickers R.Vickers@cs.rhul.ac.uk Dept of Computer Science, Royal Holloway, University of London WWW: http://www.cs.rhul.ac.uk/home/bobv Phone: +44 1784 443691
participants (10)
-
Alexander Thoma -
Bob Vickers -
dproc@dol.net -
jfweber@bellsouth.net -
Jim Westbrook -
Maf . King -
Robert Szentmihalyi -
Roland Kuhn -
Roman Drahtmueller -
Udo Burghardt