SUMMARY: OpenSSH - Could not load host key: /etc/sshd/ssh_host_rsa_key

From: LOEWENTHAL Simon (sloewenthal@gemini.edu)
Date: Thu May 12 2005 - 16:50:16 EDT

• Next message: Andrew Hall: "SUMMARY: Solaris 10 x86 and IBM HS20 Blade."
• Previous message: sunsa_tx@yahoo.com: "Installing GNU packages"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

SUMMARY:

The problem was two fold:

1) The sshd_config should have been modifed to look for the keys under
/etc/ssh instead of /etc/sshd, instead of using the -h option. Since my
sshd_config is on an NFS mount then this was easier than rolling the
change out to all the clients.

2) Pam was spitting out an error message, which stopped non-root
accounts from logging in. When the UsePAM option in the sshd_config was
toggled to no the users could log onto the system.

Many thanks to all those of you who replied: Eric Lewandowski, Andrew
Hall, Chrisopher L Bernard, Crist Clark, Mauricio Tavares, and Micheal
Chanslor.

Regards, Simon.
-- ISG/Gemini/AURA

LOEWENTHAL Simon wrote:

>Dear all,
>
>Today I installed OpenSSH on a Solaris 8 machine. I created the keys
>under /etc/ssh, which are:
> 2 -rw------- 1 root other 668 Apr 29 15:28 ssh_host_dsa_key
> 2 -rw-r--r-- 1 root other 603 Apr 29 15:28
>ssh_host_dsa_key.pub
> 2 -rw------- 1 root other 883 Apr 29 15:27 ssh_host_rsa_key
> 2 -rw-r--r-- 1 root other 223 Apr 29 15:27
>ssh_host_rsa_key.pub
>
>The /etc/init.d/openssh essentially runs:
>
>[ -x /opt/csw/sbin/sshd ] && /opt/csw/sbin/sshd -h
>/etc/ssh/ssh_host_dsa_key -h /etc/ssh/ssh_host_rsa_key
>
>However, when this runs I get the message:
>Could not load host key: /etc/sshd/ssh_host_rsa_key
>Could not load host key: /etc/sshd/ssh_host_dsa_key
>
>In the /etc/init.d/openssh there is a varible defined, KEYDIR=/etc/ssh,
>but this is only used by /ssh-keygen/, and it does not
>say /etc/ssh*d.
>
>*If I link /etc/ssh to /etc/sshd the error message disapears, but no
>users except root can log on via SSH.
>If I move /etc/ssh /etc/sshd, then keygen runs again as if it cannot see
>the keys, and then sshd says that it cannot load the keys from /etc/ssh!
>
>Has anyone seen this afore?
>
>
>Regards, S.

[demime 1.01b removed an attachment of type application/x-pkcs7-signature which had a name of smime.p7s]
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers

• Next message: Andrew Hall: "SUMMARY: Solaris 10 x86 and IBM HS20 Blade."
• Previous message: sunsa_tx@yahoo.com: "Installing GNU packages"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:30:41 EDT