From owner-freebsd-questions@FreeBSD.ORG Fri Jun 6 22:03:25 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3691ABD2 for ; Fri, 6 Jun 2014 22:03:25 +0000 (UTC) Received: from ip-001.utdallas.edu (ip-001.utdallas.edu [129.110.180.40]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (Client CN "smtpauth.utdallas.edu", Issuer "COMODO High-Assurance Secure Server CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id A48DA2466 for ; Fri, 6 Jun 2014 22:03:24 +0000 (UTC) X-Group: None X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Au8DALg5klOBbgogX2dsb2JhbAA/GoNfsByURgGBGwQYCwIQFCiEAwEBBAE4Ak8LGC4hIhQGARKILgMJCA02tGKSGw2GCBMEjEeBYEmDK4EWBIoxjXKPRolSHy+BAw X-IPAS-Result: Au8DALg5klOBbgogX2dsb2JhbAA/GoNfsByURgGBGwQYCwIQFCiEAwEBBAE4Ak8LGC4hIhQGARKILgMJCA02tGKSGw2GCBMEjEeBYEmDK4EWBIoxjXKPRolSHy+BAw X-IronPort-AV: E=Sophos;i="4.98,991,1392184800"; d="scan'208";a="18069599" Received: from zxtm01.utdallas.edu (HELO utd71538.utdallas.edu) ([129.110.10.32]) by ip-001.utdallas.edu with ESMTP/TLS/DHE-RSA-AES256-SHA; 06 Jun 2014 17:02:16 -0500 Date: Fri, 06 Jun 2014 17:02:13 -0500 From: Paul Schmehl Reply-To: Paul Schmehl To: Kevin Phair , Freebsd Questions Subject: Re: sshd broken after binary upgrade Message-ID: <704ACBF503C73C4AFDCBC342@localhost> In-Reply-To: <5392363B.8090206@gmail.com> References: <3BC6F354F757BCAAF379EC6C@localhost> <5392363B.8090206@gmail.com> X-Mailer: Mulberry/4.1.0a1 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline; size=2309 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 22:03:25 -0000 --On June 6, 2014 at 5:44:27 PM -0400 Kevin Phair wrote: > > On 6/6/14, 5:33 PM, Paul Schmehl wrote: >> I upgraded a server from 8.3 to 8.4, and now sshd is broken. (The >> other server upgraded fine.) I used freebsd-update to upgrade to 8.4 >> RELEASE. >> >> Here's the errors I'm getting: >> >> # /etc/rc.d/sshd restart >> sshd not running? (check /var/run/sshd.pid). >> You already have an RSA host key in /etc/ssh/ssh_host_key >> Skipping protocol version 1 RSA Key Generation >> You already have a DSA host key in /etc/ssh/ssh_host_dsa_key >> Skipping protocol version 2 DSA Key Generation >> You already have an RSA host key in /etc/ssh/ssh_host_rsa_key >> Skipping protocol version 2 RSA Key Generation >> Auto configuration failed >> 58803:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing >> equal >> sign:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/c >> onf_def.c:366:line 145 >> Performing sanity check on sshd configuration. >> Auto configuration failed >> 58804:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing >> equal >> sign:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/c >> onf_def.c:366:line 145 >> /etc/rc.d/sshd: WARNING: failed precmd routine for sshd >> >> sshd_config looks fine. I replaced /etc/rc.d/sshd with a copy from >> the working server, so that's apparently not the problem. Not sure >> what's missing. >> >> Any help would be appreciated. I am connected to the server, but >> obviously can't start a new session. >> > It sounds similar to what this person ran into: > https://forums.freebsd.org/viewtopic.php?&t=36372 > > I've taken to telling freebsd-update to ignore /etc all together; the > time spent fixing things I let freebsd-update break in /etc/ seemed to > outmatch time required to make any config updates manually. > Thanks, Kevin. That fixed it. -- Paul Schmehl, Senior Infosec Analyst As if it wasn't already obvious, my opinions are my own and not those of my employer. ******************************************* "It is as useless to argue with those who have renounced the use of reason as to administer medication to the dead." Thomas Jefferson "There are some ideas so wrong that only a very intelligent person could believe in them." George Orwell