LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 01-03-2004, 09:59 AM   #1
locazor
LQ Newbie
 
Registered: Jan 2004
Location: Tønsberg, Norway
Distribution: Fedora Core 6
Posts: 13

Rep: Reputation: 0
Problems running sshd on gentoo


I ran
Code:
emerge sshd
to install the daemon. It compiled just fine and it is now installed. My problem is that when I try to run it, it doesn't accept my host keys running chmod 644. Whatever I try to set it to, it says it is unprotected and then ignores it, or it does not find the file at all when I set the chmod to for instance 400 or 700. What on earth am I supposed to do? I have generated the host keys with the following commands

Code:
    ssh-keygen -b 1024 -t rsa1 -f /etc/ssh/ssh_host_key -N ""
    ssh-keygen -b 1024 -t rsa -f /etc/ssh/ssh_host_rsa_key -N ""
    ssh-keygen -b 1024 -t dsa -f /etc/ssh/ssh_host_dsa_key -N ""
 
Old 01-03-2004, 12:13 PM   #2
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,675
Blog Entries: 54

Rep: Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953
Sshd's own host keys /etc/ssh/ssh_host_* are chmod 0600, their public counterparts (/etc/ssh/ssh_host_*.pub) are 0644. Please post the actual and full errors.
 
Old 01-03-2004, 03:24 PM   #3
locazor
LQ Newbie
 
Registered: Jan 2004
Location: Tønsberg, Norway
Distribution: Fedora Core 6
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
root@mendocino locazor # sshd -h /etc/ssh/ssh_host_rsa_key.pub
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/etc/ssh/ssh_host_rsa_key.pub' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh/ssh_host_rsa_key.pub
Could not load host key: /etc/ssh/ssh_host_rsa_key.pub
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
root@mendocino locazor #
 
Old 01-03-2004, 05:55 PM   #4
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,675
Blog Entries: 54

Rep: Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953
root@mendocino locazor # sshd -h /etc/ssh/ssh_host_rsa_key.pub
Try running "/etc/init.d/sshd start".
If it fails try "/etc/init.d/sshd status" and post the errors.

BTW, if you *must* a host key, then use /etc/ssh/ssh_host_dsa_key, not the dot pub one.
 
Old 01-03-2004, 07:05 PM   #5
locazor
LQ Newbie
 
Registered: Jan 2004
Location: Tønsberg, Norway
Distribution: Fedora Core 6
Posts: 13

Original Poster
Rep: Reputation: 0
Quote:
root@mendocino locazor # /etc/init.d/sshd start
* Starting sshd...
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/etc/ssh/ssh_host_key' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh/ssh_host_key
Could not load host key: /etc/ssh/ssh_host_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/etc/ssh/ssh_host_rsa_key' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_rsa_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0640 for '/etc/ssh/ssh_host_dsa_key' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /etc/ssh/ssh_host_dsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting. [ !! ]

root@mendocino locazor # /etc/init.d/sshd status
* status: stopped
root@mendocino locazor #
 
Old 01-03-2004, 07:27 PM   #6
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,675
Blog Entries: 54

Rep: Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953
http://www.linuxquestions.org/questi...49#post681149: Sshd's own host keys /etc/ssh/ssh_host_* are chmod 0600, their public counterparts (/etc/ssh/ssh_host_*.pub) are 0644.

If chmodding doesnt work, please post the init script in BB "code" tags (to preserve the format) and the output of "ls -al /etc/ssh". Bit awkward, this.

Last edited by unSpawn; 01-03-2004 at 07:28 PM.
 
Old 01-03-2004, 07:37 PM   #7
locazor
LQ Newbie
 
Registered: Jan 2004
Location: Tønsberg, Norway
Distribution: Fedora Core 6
Posts: 13

Original Poster
Rep: Reputation: 0
chmod didn't help either, but I deleted all my host keys and ran the /etc/init.d/sshd start script, then it generated the keys for itself and it worked. Thanks for your help
 
Old 01-03-2004, 07:45 PM   #8
unSpawn
Moderator
 
Registered: May 2001
Posts: 27,675
Blog Entries: 54

Rep: Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953Reputation: 2953
Np.
 
Old 05-21-2007, 12:26 AM   #9
williamconley
LQ Newbie
 
Registered: May 2007
Posts: 1

Rep: Reputation: 0
Quote:
Originally Posted by locazor
chmod didn't help either, but I deleted all my host keys and ran the /etc/init.d/sshd start script, then it generated the keys for itself and it worked. Thanks for your help

thanks for posting that. it resolved an issue I have had (fighting intermittently) for three days.

I guess using the script to start it allows for a little more interaction that just firin it up.
 
  


Reply

Tags
available, sshd


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Gentoo: Problems running links with svga Snerkel Linux - Software 1 04-30-2005 08:33 PM
Problems running emerge -u system Gentoo FreeThinkerJim Linux - Distributions 4 04-25-2005 12:36 AM
check to see if sshd is running naijaguy Linux - Newbie 1 08-14-2004 03:37 AM
sshd problems: scuzzy Linux - Software 8 07-29-2004 01:44 PM
Enabling SSH in mandrake 9.2 - sshd vs. sshd-xinetd DogTags Linux - Newbie 7 11-25-2003 01:17 PM


All times are GMT -5. The time now is 02:35 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration