Date: Sun, 15 Nov 2009 19:21:15 -0500 From: Jon Radel <jon@radel.com> To: Gary Kline <kline@thought.org> Cc: FreeBSD Mailing List <freebsd-questions@freebsd.org> Subject: Re: no sshd on new server... Message-ID: <4B009AFB.2070806@radel.com> In-Reply-To: <20091116010014.f3ca28de.freebsd@edvax.de> References: <20091115234930.GA11465@thought.org> <20091116010014.f3ca28de.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a cryptographically signed message in MIME format.
--------------ms020601050003040804040003
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Polytropon wrote:
> On Sun, 15 Nov 2009 15:49:33 -0800, Gary Kline <kline@thought.org> wrote:
>> ok, i have my new server-to-be underway but having problems exec'ing
>> /usr/sbin/sshd. i can ssh out to existing computers, but cannot ssh
>> or scp stuff in. so my question is: how do i create
>> /etc/ssh/ssh_host_dsa_key ? checking around does no good.
>
> Maybe I remember incorrectly, but doesn't sshd create this file
> on its first startup?
>
> Do you have
>
> sshd_enable="YES"
>
> in /etc/rc.conf? Is sshd running, or do you get error messages
> regarding the host DSA key file?
>
>
>
>
This is version specific. If you're really old fashioned (v4, for
example ;-), you can look in /etc/rc.network for a cookbook:
case ${sshd_enable} in
[Yy][Ee][Ss])
if [ -x /usr/bin/ssh-keygen ]; then
if [ ! -f /etc/ssh/ssh_host_key ]; then
echo ' creating ssh1 RSA host key';
/usr/bin/ssh-keygen -t rsa1 -N "" \
-f /etc/ssh/ssh_host_key
fi
if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
echo ' creating ssh2 RSA host key';
/usr/bin/ssh-keygen -t rsa -N "" \
-f /etc/ssh/ssh_host_rsa_key
fi
if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
echo ' creating ssh2 DSA host key';
/usr/bin/ssh-keygen -t dsa -N "" \
-f /etc/ssh/ssh_host_dsa_key
fi
fi
;;
esac
or just reboot after setting sshd_enable="YES". In newer versions,
"/etc/rc.d/sshd start" checks if the files exist and creates any of the
3 which don't, or you can force this check and creation with
"/etc/rc.d/sshd keygen". In all cases that I know of, it's just the
ssh-keygen program being run on your behalf.
--
--Jon Radel
jon@radel.com
--------------ms020601050003040804040003
Content-Type: application/x-pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJMTCC
AvMwggJcoAMCAQICEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEFBQAwYjELMAkGA1UE
BhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNVBAMT
I1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA5MDIyNTA0MTMyNloX
DTEwMDIyNTA0MTMyNlowXjEOMAwGA1UEBBMFUmFkZWwxEzARBgNVBCoTCkpvbiBUaG9tYXMx
GTAXBgNVBAMTEEpvbiBUaG9tYXMgUmFkZWwxHDAaBgkqhkiG9w0BCQEWDWpvbkByYWRlbC5j
b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeT7qtj+euqWr2wXM7OnwrXJe9
Jlc0CGaM69AcTWOFakRY7MUXrqcmF5WjrqrMoagfGjS362eb6787x313ZdLoGuQPh/o2Mqp4
BbSgcnGZRj82SxkUmSN6+2q5ZOOYA6JmfvJwmBuRQ8sHki4GnoSwbIc11a70/z4at5qRi8bb
/RtmJYewnpwXErfuuq0hhVSsYKFPXELzSahlpyC+lUfIdgvLJGxc7eU5QuvtYmuohNjn4k9C
SJinvfjFbkvgbIgtvZxxmcE74NsKTeW2bEwgoCjZlcAD/QMgLE9KGSVn4/LzC/OZwkPKcWKO
CPTNIZK1P+HxaIW4BvvYtjLu2Qx5AgMBAAGjKjAoMBgGA1UdEQQRMA+BDWpvbkByYWRlbC5j
b20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQBT+qFXV8sexrNOJuK8rhVpnCNF
iFslD9Kelhon5Tt1tlTsw+B9F9B8ys9tfV559tzVqE+ULcqnjX2rsaJCwFmn6gyucCN0yGML
h1O4ddsNQmoTOILyBCv/rkfO4tbXJM3si2JDNPZnL/0Rf3FpDTc3U3SnAdqE1a/8PGBTTmay
VDCCAvMwggJcoAMCAQICEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEFBQAwYjELMAkG
A1UEBhMCWkExJTAjBgNVBAoTHFRoYXd0ZSBDb25zdWx0aW5nIChQdHkpIEx0ZC4xLDAqBgNV
BAMTI1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIENBMB4XDTA5MDIyNTA0MTMy
NloXDTEwMDIyNTA0MTMyNlowXjEOMAwGA1UEBBMFUmFkZWwxEzARBgNVBCoTCkpvbiBUaG9t
YXMxGTAXBgNVBAMTEEpvbiBUaG9tYXMgUmFkZWwxHDAaBgkqhkiG9w0BCQEWDWpvbkByYWRl
bC5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDeT7qtj+euqWr2wXM7Onwr
XJe9Jlc0CGaM69AcTWOFakRY7MUXrqcmF5WjrqrMoagfGjS362eb6787x313ZdLoGuQPh/o2
Mqp4BbSgcnGZRj82SxkUmSN6+2q5ZOOYA6JmfvJwmBuRQ8sHki4GnoSwbIc11a70/z4at5qR
i8bb/RtmJYewnpwXErfuuq0hhVSsYKFPXELzSahlpyC+lUfIdgvLJGxc7eU5QuvtYmuohNjn
4k9CSJinvfjFbkvgbIgtvZxxmcE74NsKTeW2bEwgoCjZlcAD/QMgLE9KGSVn4/LzC/OZwkPK
cWKOCPTNIZK1P+HxaIW4BvvYtjLu2Qx5AgMBAAGjKjAoMBgGA1UdEQQRMA+BDWpvbkByYWRl
bC5jb20wDAYDVR0TAQH/BAIwADANBgkqhkiG9w0BAQUFAAOBgQBT+qFXV8sexrNOJuK8rhVp
nCNFiFslD9Kelhon5Tt1tlTsw+B9F9B8ys9tfV559tzVqE+ULcqnjX2rsaJCwFmn6gyucCN0
yGMLh1O4ddsNQmoTOILyBCv/rkfO4tbXJM3si2JDNPZnL/0Rf3FpDTc3U3SnAdqE1a/8PGBT
TmayVDCCAz8wggKooAMCAQICAQ0wDQYJKoZIhvcNAQEFBQAwgdExCzAJBgNVBAYTAlpBMRUw
EwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhh
d3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNp
b24xJDAiBgNVBAMTG1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJ
ARYccGVyc29uYWwtZnJlZW1haWxAdGhhd3RlLmNvbTAeFw0wMzA3MTcwMDAwMDBaFw0xMzA3
MTYyMzU5NTlaMGIxCzAJBgNVBAYTAlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAo
UHR5KSBMdGQuMSwwKgYDVQQDEyNUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBD
QTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxKY8VXNV+065yplaHmjAdQRwnd/p/6Me
7L3N9VvyGna9fww6YfK/Uc4B1OVQCjDXAmNaLIkVcI7dyfArhVqqP3FWy688Cwfn8R+RNiQq
E88r1fOCdz0Dviv+uxg+B79AgAJk16emu59l0cUqVIUPSAR/p7bRPGEEQB5kGXJgt/sCAwEA
AaOBlDCBkTASBgNVHRMBAf8ECDAGAQH/AgEAMEMGA1UdHwQ8MDowOKA2oDSGMmh0dHA6Ly9j
cmwudGhhd3RlLmNvbS9UaGF3dGVQZXJzb25hbEZyZWVtYWlsQ0EuY3JsMAsGA1UdDwQEAwIB
BjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMi0xMzgwDQYJKoZIhvcN
AQEFBQADgYEASIzRUIPqCy7MDaNmrGcPf6+svsIXoUOWlJ1/TCG4+DYfqi2fNi/A9BxQIJNw
PP2t4WFiw9k6GX6EsZkbAMUaC4J0niVQlGLH2ydxVyWN3amcOY6MIE9lX5Xa9/eH1sYITq72
6jTlEBpbNU1341YheILcIRk13iSx0x1G/11fZU8xggNkMIIDYAIBATB2MGIxCzAJBgNVBAYT
AlpBMSUwIwYDVQQKExxUaGF3dGUgQ29uc3VsdGluZyAoUHR5KSBMdGQuMSwwKgYDVQQDEyNU
aGF3dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBDQQIQHV4N5VjGEA7f3M4SceIBvDAJ
BgUrDgMCGgUAoIIBwzAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP
Fw0wOTExMTYwMDIxMTVaMCMGCSqGSIb3DQEJBDEWBBRgqT/1RjwcOsIbVSbDVSfLcx0SPzBS
BgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3DQMCAgIAgDANBggqhkiG9w0D
AgIBQDAHBgUrDgMCBzANBggqhkiG9w0DAgIBKDCBhQYJKwYBBAGCNxAEMXgwdjBiMQswCQYD
VQQGEwJaQTElMCMGA1UEChMcVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UE
AxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIElzc3VpbmcgQ0ECEB1eDeVYxhAO39zOEnHi
AbwwgYcGCyqGSIb3DQEJEAILMXigdjBiMQswCQYDVQQGEwJaQTElMCMGA1UEChMcVGhhd3Rl
IENvbnN1bHRpbmcgKFB0eSkgTHRkLjEsMCoGA1UEAxMjVGhhd3RlIFBlcnNvbmFsIEZyZWVt
YWlsIElzc3VpbmcgQ0ECEB1eDeVYxhAO39zOEnHiAbwwDQYJKoZIhvcNAQEBBQAEggEAjLlX
XsYoRUh0ukEvTLKekeVd9hYb5TOb6GzsWe4Jggx2dMdjWEgInT1lR0811I+r7NH90Q12wlUd
DvaHhCf8wkPc28N96oTkFhTQ35ECfT6vXB7YK8do0rSmiFgXAeenIml7T8q3+ivyQ/GRRx7i
pqBjuuyYWmwiebufBBjHQZCO6HL31fBFmMR/k9vtOhi37MMbUUwIi/rluD0/2FgwP9kv9bYx
TR9D9+Cv7wQDgfbP81MiYXZlVeNDNDwLEEIxhVv8q8OzPaoppPtWiSeVDp2CN0HNw9amJnE0
JU/mfWQCbRX9reJ1G0RDc5MdXexN8qKKFLkfpYFtboFe/aTbJwAAAAAAAA==
--------------ms020601050003040804040003--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4B009AFB.2070806>