Mailinglist Archive: opensuse-security (636 mails)

Re: [suse-security] OpenSSH 2.5.1p1 and server key
  • From: Jeremy Buchmann <jeremy@xxxxxxxxxxxxxxx>
  • Date: Wed, 21 Feb 2001 14:33:35 -0800
  • Message-id: <B6B9823E.1A2B%jeremy@xxxxxxxxxxxxxxx>
> Hi,
>
> I just compiled the latest incarnation of OpenSSH (2.5.1),
> and installed it. When I tried to start the daemon, it
> gave the following warning:
>
> Could not load server key. Disabling 2.0 protocol.

I got a similar thing. For some reason, the build process isn't respecting
the --sysconfdir configure option. Watch (warning: long script):

Script started on Wed Feb 21 14:13:27 2001
root@ws:/usr/src/openssh-2.5.1p1> make clean

[snip]

root@ws:/usr/src/openssh-2.5.1p1> ./configure --prefix=/usr/local
--sysconfdir=/etc/ssh --with-tcp-wrappers --with-pam --with-ipv4-default

[snip]

OpenSSH configured has been configured with the following options.
User binaries: /usr/local/bin
System binaries: /usr/local/sbin
Configuration files: /etc/ssh
Askpass program: /usr/local/libexec/ssh-askpass
Manual pages: /usr/local/man/manX
PID file: /var/run
Random number collection: Device (/dev/urandom)
Manpage format: man
PAM support: yes
KerberosIV support: no
AFS support: no
S/KEY support: no
TCP Wrappers support: yes
MD5 password support: no
IP address in $DISPLAY hack: no
Use IPv4 by default hack: yes
Translate v4 in v6 hack: yes


Host: i686-pc-linux-gnu
Compiler: gcc
Compiler flags: -g -O2 -Wall
Preprocessor flags: -I/usr/local/include -I/usr/local/include
Linker flags: -L/usr/local/lib -L/usr/local/lib
Libraries: -lpam -ldl -lwrap -lz -lnsl -lutil -lcrypto

PAM is enabled. You may need to install a PAM control file for sshd,
otherwise password authentication may fail. Example PAM control files
can be found in the contrib/ subdirectory

root@ws:/usr/src/openssh-2.5.1p1> make #works correctly
root@ws:/usr/src/openssh-2.5.1p1> make install #works correctly
root@ws:/usr/src/openssh-2.5.1p1> date
Wed Feb 21 14:16:04 PST 2001

root@ws:/usr/src/openssh-2.5.1p1> ls -l /usr/local/sbin/sshd
-rwxr-xr-x 1 root root 664028 Feb 21 14:15 /usr/local/sbin/sshd*

root@ws:/usr/src/openssh-2.5.1p1> ls -l /etc/ssh/
total 60
-rw-r--r-- 1 root root 26287 Feb 21 13:50 primes
-rw-r--r-- 1 root root 880 Feb 21 13:50 ssh_config
-rw------- 1 root root 668 Feb 9 11:25 ssh_host_dsa_key
-rw-r--r-- 1 root root 597 Feb 9 11:25 ssh_host_dsa_key.pub
-rw------- 1 root root 522 Feb 9 11:25 ssh_host_key
-rw-r--r-- 1 root root 326 Feb 9 11:25 ssh_host_key.pub
-rw------- 1 root root 887 Feb 21 13:50 ssh_host_rsa_key
-rw-r--r-- 1 root root 217 Feb 21 13:50 ssh_host_rsa_key.pub
-rw-r--r-- 1 root root 628 Feb 21 13:50 sshd_config

root@ws:/usr/src/openssh-2.5.1p1> /usr/local/sbin/sshd
/usr/local/etc/ssh_host_key: No such file or directory
error: Could not load host key: /usr/local/etc/ssh_host_key: No such file or
directory
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.

root@ws:/usr/src/openssh-2.5.1p1> sshd --version
sshd: invalid option -- -
sshd version OpenSSH_2.5.1p1
Usage: sshd [options]
Options:
-f file Configuration file (default /etc/ssh/sshd_config)
-d Debugging mode (multiple -d means more debugging)
-i Started from inetd
-D Do not fork into daemon mode
-q Quiet (no logging)
-p port Listen on the specified port (default: 22)
-k seconds Regenerate server key every this many seconds (default: 3600)
-g seconds Grace period for authentication (default: 600)
-b bits Size of server RSA key (default: 768 bits)
-h file File from which to read host key (default:
/etc/ssh/ssh_host_key)
-u len Maximum hostname length for utmp recording
-4 Use IPv4 only
-6 Use IPv6 only

root@ws:/usr/src/openssh-2.5.1p1> exit
exit

----
Look at the -h flag above. It says the default is /etc/ssh/ssh_host_key,
but when the program tries to run, it looks for it in /usr/local/etc...I can
always symlink it to get it to run, but this has to be a bug...can anyone
else confirm before I send it in?

-- Jeremy [jeremy@xxxxxxxxxxxxxxx]
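
A check one could run alongside the diagnosis above, as an added example that is not part of the original post. It assumes the paths sshd tries to load may come from HostKey lines in the sshd_config it reads (the post does not show that file's contents) and reports each one as OK, MISSING or LOOSE-PERMS. The function names and the sample directory tree are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Reports each HostKey path named
# in an sshd_config as OK, MISSING or LOOSE-PERMS; returns 1 if any is not OK.
check_hostkeys() {
    cfg=$1
    rc=0
    # The keyword is case-insensitive; commented-out lines do not match.
    for key in $(awk 'tolower($1) == "hostkey" { print $2 }' "$cfg"); do
        if [ ! -f "$key" ]; then
            echo "MISSING $key"
            rc=1
        # Characters 5-10 of the ls mode string are the group/other bits;
        # a private host key should grant nothing to group or others.
        elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
            echo "LOOSE-PERMS $key"
            rc=1
        else
            echo "OK $key"
        fi
    done
    return $rc
}

# Constructed sample: a config whose HostKey lines mix two prefixes, as in
# the session above (keys present under one directory, looked up in another).
make_sample() {
    d=$(mktemp -d)
    mkdir -p "$d/etc/ssh"
    : > "$d/etc/ssh/ssh_host_dsa_key"; chmod 600 "$d/etc/ssh/ssh_host_dsa_key"
    : > "$d/etc/ssh/ssh_host_rsa_key"; chmod 644 "$d/etc/ssh/ssh_host_rsa_key"
    cat > "$d/etc/ssh/sshd_config" <<EOF
# HostKey $d/etc/ssh/ssh_host_old_key
HostKey $d/usr/local/etc/ssh_host_key
hostkey $d/etc/ssh/ssh_host_dsa_key
HostKey $d/etc/ssh/ssh_host_rsa_key
EOF
    echo "$d"
}

# Run with --demo to build the sample tree, check it, and clean up.
if [ "${1:-}" = "--demo" ]; then
    d=$(make_sample)
    check_hostkeys "$d/etc/ssh/sshd_config"
    rm -rf "$d"
fi
```

On a real host, call check_hostkeys with the configuration file the daemon actually reads (the -f option in the usage output above).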


