From owner-freebsd-security  Mon May  6  8:53: 1 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mailhub.isternet.sk (smtp.isternet.sk [195.72.0.60])
	by hub.freebsd.org (Postfix) with ESMTP id 3843C37B407
	for <freebsd-security@FreeBSD.ORG>; Mon,  6 May 2002 08:52:56 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1])
	by mailhub.isternet.sk (Postfix) with ESMTP id 914D33CC
	for <freebsd-security@FreeBSD.ORG>; Mon,  6 May 2002 17:57:28 +0200 (CEST)
Received: from branoold (urpin.isternet.sk [195.72.0.1])
	by mailhub.isternet.sk (Postfix) with SMTP id 004D43BC
	for <freebsd-security@FreeBSD.ORG>; Mon,  6 May 2002 17:57:26 +0200 (CEST)
Message-ID: <02d301c1f516$63cab840$c28c630a@bb.ubp.sk>
From: "[brano]" <brano@zahrobie.sk>
To: <freebsd-security@FreeBSD.ORG>
References: <OE64AAkjtjsX3Ra5cNt000073cd@hotmail.com>
Subject: openssh problem
Date: Mon, 6 May 2002 17:54:58 +0200
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Virus-Scanned: by AMaViS snapshot-20010714
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hi,
I have FreeBSD 4.5-RELEASE
I downloaded newest ports and install openssh (version 3.1)
When I generate new keys for openssh with 4096 bits, I can't connect to
server (if I generate keys with 2048 bits, it's working good)

I modified /etc/rc.network
        case ${sshd_enable} in
        [Yy][Ee][Ss])
                if [ ! -f /etc/ssh/ssh_host_key ]; then
                        echo ' creating ssh RSA host key';
                        /usr/bin/ssh-keygen -t rsa1 -b 4096 -N "" -f
/etc/ssh/ssh_host_key
                fi
                if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
                        echo ' creating ssh DSA host key';
                        /usr/bin/ssh-keygen -d -b 4096 -N "" -f
/etc/ssh/ssh_host_dsa_key
                fi
                if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
                        echo ' creating ssh RSA host key';
                        /usr/bin/ssh-keygen -t rsa -b 4096 -N "" -f
/etc/ssh/ssh_host_rsa_key
                fi
                ;;
        esac

I modified /etc/ssh/sshd_config
remove support for ssh1 and allow only ssh2

when I use SecureCRT 3.4.3 or PenguinNet 1.21, I found this error in
/var/log/authlog
May  6 16:31:26 temne sshd[259]: Received disconnect from xxx.xxx.xxx.xxx:
9: Corrupt or nonexistent host key or al
gorithm.^M
I use normal username and password via keyboard, any keys or other
authentication methods.

Have anyone some idea why it doesn't work ?
Thanks
Brano from Slovakia




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message