From owner-freebsd-ports Sun Jul 19 17:11:30 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id RAA14575 for freebsd-ports-outgoing; Sun, 19 Jul 1998 17:11:30 -0700 (PDT) (envelope-from owner-freebsd-ports@FreeBSD.ORG) Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id RAA14570 for ; Sun, 19 Jul 1998 17:11:29 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.8/8.8.5) id RAA11336; Sun, 19 Jul 1998 17:10:01 -0700 (PDT) Date: Sun, 19 Jul 1998 17:10:01 -0700 (PDT) Message-Id: <199807200010.RAA11336@freefall.freebsd.org> To: freebsd-ports@FreeBSD.ORG From: Brian Behlendorf Subject: Re: ports/7323: "make install" of ssh blows away host key pair Reply-To: Brian Behlendorf Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org The following reply was made to PR ports/7323; it has been noted by GNATS. From: Brian Behlendorf To: Matthew Hunt , freebsd-gnats-submit@FreeBSD.ORG Cc: Subject: Re: ports/7323: "make install" of ssh blows away host key pair Date: Sun, 19 Jul 1998 16:52:16 -0700 At 07:08 PM 7/19/98 -0400, Matthew Hunt wrote: >On Sun, Jul 19, 1998 at 02:34:15PM -0700, brian@hyperreal.org wrote: > >> >Description: >> When conducting a /usr/ports based install of ssh, a "make install" >> obliterates any preexisting host keys. A "make install" should instead >> look for any pre-existing keys and use them, or at least prompt to ask >> if the user wishes to make new keys. > >Are you certain? Yes. A "make clean; make; make install" nuked it. I don't think I had to do a "make deinstall" first. Now, this was the first time I had installed it by going through the /usr/ports environment - previously I had simply installed it from the ssh distribution tarball, using all the defaults it had found. Aha - looks like the defaults from the tarball were to install the keys in /etc, whereas the one in /usr/ports puts them in /usr/local/etc. Okay, makes sense now - adding some fool-proofness by checking in /etc and prompting the user ("want to use these?") would seem like a good idea. Updating the keys might not have been a bad idea anyways. Brian --=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-- "Common sense is the collection of prejudices | brian@apache.org acquired by the age of eighteen." - Einstein | brian@hyperreal.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message