Date: Sun, 15 Nov 2009 19:21:15 -0500 From: Jon Radel <jon@radel.com> To: Gary Kline <kline@thought.org> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: no sshd on new server... Message-ID: <4B009AFB.2070806@radel.com> In-Reply-To: <20091116010014.f3ca28de.freebsd@edvax.de> References: <20091115234930.GA11465@thought.org> <20091116010014.f3ca28de.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --]
Polytropon wrote:
> On Sun, 15 Nov 2009 15:49:33 -0800, Gary Kline <kline@thought.org> wrote:
>> ok, i have my new server-to-be underway but having problems exec'ing
>> /usr/sbin/sshd. i can ssh out to existing computers, but cannot ssh
>> or scp stuff in. so my question is: how do i create
>> /etc/ssh/ssh_host_dsa_key ? checking around does no good.
>
> Maybe I remember incorrectly, but doesn't sshd create this file
> on its first startup?
>
> Do you have
>
> sshd_enable="YES"
>
> in /etc/rc.conf? Is sshd running, or do you get error messages
> regarding the host DSA key file?
>
>
>
>
This is version specific. If you're really old fashioned (v4, for
example ;-), you can look in /etc/rc.network for a cookbook:
case ${sshd_enable} in
[Yy][Ee][Ss])
if [ -x /usr/bin/ssh-keygen ]; then
if [ ! -f /etc/ssh/ssh_host_key ]; then
echo ' creating ssh1 RSA host key';
/usr/bin/ssh-keygen -t rsa1 -N "" \
-f /etc/ssh/ssh_host_key
fi
if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
echo ' creating ssh2 RSA host key';
/usr/bin/ssh-keygen -t rsa -N "" \
-f /etc/ssh/ssh_host_rsa_key
fi
if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
echo ' creating ssh2 DSA host key';
/usr/bin/ssh-keygen -t dsa -N "" \
-f /etc/ssh/ssh_host_dsa_key
fi
fi
;;
esac
or just reboot after setting sshd_enable="YES". In newer versions,
"/etc/rc.d/sshd start" checks if the files exist and creates any of the
3 which don't, or you can force this check and creation with
"/etc/rc.d/sshd keygen". In all cases that I know of, it's just the
ssh-keygen program being run on your behalf.
--
--Jon Radel
jon@radel.com
[-- Attachment #2 --]
0 *H
01
0 +�0 *H
�� 100\
^
Xq0
*H
�0b1
0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0
090225041326Z
100225041326Z0^10
URadel10U*
Jon Thomas10UJon Thomas Radel1
0 *H
jon@radel.com0"0
*H
��0
�O箩js;:|+\&W4f
McjDX&̡ 4g;}we62xrqF?6K#zjdf~pC.l5ծ>f%!T`O\BIe Gv
$l\9BbkOBHnKl-q;
MlL (ٕ ,OJ%g
Cqb!?hض2
y�*0(0U
0
jon@radel.com0
U
0�0
*H
��SWW
ƳN&⼮i#E[%Ҟ';uT}|m}^yըO-ʧ}BY
p#tc
Su
Bj8+G$bC4g/qi
77Stڄկ<`SNfT00\
^
Xq0
*H
�0b1
0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA0
090225041326Z
100225041326Z0^10
URadel10U*
Jon Thomas10UJon Thomas Radel1
0 *H
jon@radel.com0"0
*H
��0
�O箩js;:|+\&W4f
McjDX&̡ 4g;}we62xrqF?6K#zjdf~pC.l5ծ>f%!T`O\BIe Gv
$l\9BbkOBHnKl-q;
MlL (ٕ ,OJ%g
Cqb!?hض2
y�*0(0U
0
jon@radel.com0
U
0�0
*H
��SWW
ƳN&⼮i#E[%Ҟ';uT}|m}^yըO-ʧ}BY
p#tc
Su
Bj8+G$bC4g/qi
77Stڄկ<`SNfT0?0
0
*H
�01
0 UZA10U
Western Cape10U Cape Town10U
Thawte Consulting1(0&U
Certification Services Division1$0"UThawte Personal Freemail CA1+0) *H
personal-freemail@thawte.com0
030717000000Z
130716235959Z0b1
0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA00
*H
��0�Ħ<UsUNʙZ
hup
[v
:aQP
0cZ,p+Z?qV˯<
6$*+w=+>@dקe*TH<a@
dr`�00U
0�0CU
<0:08642http://crl.thawte.com/ThawtePersonalFreemailCA.crl0
U
0)U
"0
0
10UPrivateLabel2-1380
*H
��HP
.
fgCL!6 -6/
P p<ab:~�
t%Pb'qW%ݩ9 Oe_N4[5MwV!x!5$
F]_eO1d0`0v0b1
0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA
^
Xq0 +�0 *H
1
*H
0
*H
1
091116002115Z0# *H
1`?F<
:U&U's
?0R *H
1E0C0
*H
0*H
�0
*H
@0+0
*H
(0 +71x0v0b1
0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA
^
Xq0
*H
1xv0b1
0 UZA1%0#U
Thawte Consulting (Pty) Ltd.1,0*U#Thawte Personal Freemail Issuing CA
^
Xq0
*H
��W^(EHtA/L]3lY
vtcXH=eGO5ԏ
vU
'C}ߑ}>\
+hҴX"i{Oʷ+CG
⦠cZl"yArE:QL=?X0?/1M CS"aveUC4<
B1[ó=)V'7A֦&q4%O}dmuDCs
]M mn^'������
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B009AFB.2070806>