Date:      Thu, 17 Jan 2002 20:45:09 -0800
From:      Mike Makonnen <mike_makonnen@yahoo.com>
To:        freebsd-bugs@freebsd.org
Subject:   Re: misc/34003: Hardcoded path for ssh-keygen in /etc/rc.network
Message-ID:  <200201180445.g0I4j9J01281@blackbox.pacbell.net>

On Thu, 17 Jan 2002 11:37:44 -0800 (PST)
"David P. Discher" <dpd@dpdtech.com> wrote:

> >Environment:
> FreeBSD seven.dpdtech.com 4.4-RELEASE FreeBSD 4.4-RELEASE #0: Thu Jan
> 17 12:23:54 CST 2002
> root@seven.dpdtech.com:/build/src/sys/compile/borg_fbsd44_20020117a
> i386
> 
> >Description:
> I found this awhile back, in the /etc/rc.network file, the path to
> ssh-keygen is hardcoded to /usr/bin/ssh-keygen.  This causes problems
> when trying to upgrade to new versions of OpenSSH from the ports
> collections.   This seems to be a slight oversight.
> 
snip..
> 2.  Change the rc.conf  $sshd_program, to $sshd_prefix.  Then change
> /etc/rc and rc.network to use $sshd_prefix/sbin/sshd and
> $sshd_path/bin/ssh-keygen  or similar.

I think the best way to handle this is with a separate
$ssh_keygen_program line. If you're going to do it, might as well go all
the way. Since you are using 4.4 Release I have included a diff against
that release, and in case someone thinks this is worthy of committing,
I've also included a patch against -current (the delta between -4.x and
-current is too big for only one set of diffs).

David, please note that you will have to override the value of
ssh_keygen_program in your local /etc/rc.conf.


cheers,
mike makonnen

4.4-RELEASE:
Index: etc/rc.network
===================================================================
RCS file: /home/ncvs/src/etc/rc.network,v
retrieving revision 1.74.2.23
diff -u -r1.74.2.23 rc.network
--- etc/rc.network	17 Aug 2001 07:26:38 -0000	1.74.2.23
+++ etc/rc.network	18 Jan 2002 03:54:49 -0000
@@ -744,11 +744,13 @@
 	[Yy][Ee][Ss])
 		if [ ! -f /etc/ssh/ssh_host_key ]; then
 			echo ' creating ssh RSA host key';
-			/usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key
+			${ssh_keygen_program:-/usr/bin/ssh-keygen} -N "" \
+						-f /etc/ssh/ssh_host_key
 		fi
 		if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
 			echo ' creating ssh DSA host key';
-			/usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key
+			${ssh_keygen_program:-/usr/bin/ssh-keygen} -d -N "" \
+						-f /etc/ssh/ssh_host_dsa_key
 		fi
 		;;
 	esac
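
Review bot: ${ssh_keygen_program:-/usr/bin/ssh-keygen} is expanded unquoted and run without checking that it names an executable, in both the RSA and the DSA branch. If the override in /etc/rc.conf points at a path that does not exist, both commands fail, nothing tests their exit status, and the only output is the "creating ssh ... host key" echo. Consider resolving the path once before the two if blocks, testing it with [ -x ], printing a warning when the test fails, and quoting the expansion where it is run.
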
Index: etc/defaults/rc.conf
===================================================================
RCS file: /home/ncvs/src/etc/defaults/rc.conf,v
retrieving revision 1.53.2.39.2.1
diff -u -r1.53.2.39.2.1 rc.conf
--- etc/defaults/rc.conf	14 Sep 2001 17:32:25 -0000	1.53.2.39.2.1
+++ etc/defaults/rc.conf	18 Jan 2002 03:53:09 -0000
@@ -165,6 +165,7 @@
 sshd_enable="NO"                # Enable sshd
 sshd_program="/usr/sbin/sshd"	# path to sshd, if you want a different
one.
 sshd_flags=""                   # Additional flags for sshd.
+ssh_keygen_program="/usr/bin/ssh-keygen"	# path to ssh-keygen
 
 ### Network Time Services options: ###
 timed_enable="NO"		# Run the time daemon (or NO).
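
Review bot: the added ssh_keygen_program line introduces a new rc.conf variable with no matching documentation; the patch touches only rc.network and defaults/rc.conf, so rc.conf(5) still needs an entry. With the default defined here, the :-/usr/bin/ssh-keygen fallback in rc.network repeats the same literal twice more; either drop the fallback or add a comment saying it is there for systems whose defaults file predates this line.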


CURRENT:
Index: rc.network
===================================================================
RCS file: /home/ncvs/src/etc/rc.network,v
retrieving revision 1.119
diff -u -r1.119 rc.network
--- rc.network	13 Dec 2001 04:21:18 -0000	1.119
+++ rc.network	18 Jan 2002 03:24:28 -0000
@@ -829,11 +829,13 @@
 	[Yy][Ee][Ss])
 		if [ ! -f /etc/ssh/ssh_host_key ]; then
 			echo ' creating ssh RSA host key';
-			/usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key
+			${ssh_keygen_program:-/usr/bin/ssh-keygen} -N "" \
+						-f /etc/ssh/ssh_host_key
 		fi
 		if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
 			echo ' creating ssh DSA host key';
-			/usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key
+			${ssh_keygen_program:-/usr/bin/ssh-keygen} -d -N "" \
+						-f /etc/ssh/ssh_host_dsa_key
 		fi
 		;;
 	esac
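
Review bot: the options on both + lines (-N "" and -d -N "") stay hardcoded, so whatever binary ssh_keygen_program names must accept the same flags and produce the same default key type as the base system's ssh-keygen. Since the request was to run the ssh-keygen from a different OpenSSH version, state that requirement in a comment above the first if, or add a companion flags variable in the style of sshd_flags.
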
Index: defaults/rc.conf
===================================================================
RCS file: /home/ncvs/src/etc/defaults/rc.conf,v
retrieving revision 1.136
diff -u -r1.136 rc.conf
--- defaults/rc.conf	29 Dec 2001 19:42:54 -0000	1.136
+++ defaults/rc.conf	18 Jan 2002 03:11:09 -0000
@@ -155,6 +155,7 @@
 sshd_enable="NO"		# Enable sshd
 sshd_program="/usr/sbin/sshd"	# path to sshd, if you want a different
one.
 sshd_flags=""			# Additional flags for sshd.
+ssh_keygen_program="/usr/bin/ssh-keygen"	# path to ssh-keygen
 
 ### Network daemon (NFS) Need all portmap_enable="YES" ###
 amd_enable="NO"			# Run amd service with $amd_flags (or NO).
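
Review bot: the comment on the added line, "# path to ssh-keygen", does not say what the variable is used for. In the rc.network hunk it is consulted only when a host key file under /etc/ssh is missing, and the binary it names is then run by the startup script to create that key. Wording such as "path to ssh-keygen used to create missing host keys" would tell an administrator what overriding it affects.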
