From owner-freebsd-ports Fri Mar 8 8:30:40 2002 Delivered-To: freebsd-ports@freebsd.org Received: from link.saball.com (link.saball.com [65.71.1.11]) by hub.freebsd.org (Postfix) with ESMTP id 1891B37B404; Fri, 8 Mar 2002 08:30:01 -0800 (PST) Received: from [192.168.1.250] (helo=saball.com) by link.saball.com with esmtp (Exim 3.20 #1) id 16jNGI-000229-00; Fri, 08 Mar 2002 10:30:30 -0600 Message-ID: <3C88E707.1040208@saball.com> Date: Fri, 08 Mar 2002 10:29:59 -0600 From: Richard Bejtlich Reply-To: rbejtlich@saball.com Organization: BATC User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.8) Gecko/20020205 X-Accept-Language: en-us MIME-Version: 1.0 To: dinoex@FreeBSD.org Cc: ports@FreeBSD.org Subject: FreeBSD Port: openssh-3.1 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hello, I encountered an error when installing this port today: after 'make install'... ... install -c -s -o root -g wheel -m 555 sftp /usr/local/bin install -c -o root -g wheel -m 444 sftp.1.gz /usr/local/man/man1 ===> scard install -c -m 444 -o root -g wheel Ssh.bin /usr/local/libdata/ssh ===> Generating temporary packing list >> Generating an RSA1 secret host key. /usr/local/bin/ssh-keygen -N "" -f /usr/local/etc/ssh_host_key You must specify a key type (-t). Usage: ssh-keygen [options] Options: -b bits Number of bits in the key to create. -c Change comment in private and public key files. -e Convert OpenSSH to IETF SECSH key file. -f filename Filename of the key file. -i Convert IETF SECSH to OpenSSH key file. -l Show fingerprint of key file. -p Change passphrase of private key file. -q Quiet. -y Read private key file and print public key. -t type Specify type of key to create. -B Show bubblebabble digest of key file. -C comment Provide new comment. -N phrase Provide new passphrase. -P phrase Provide old passphrase. *** Error code 1 Stop in /usr/ports/security/openssh. *** Error code 1 Stop in /usr/ports/security/openssh. *** Error code 1 Stop in /usr/ports/security/openssh. --- So, I made this change to the Makefile. The old line is denoted by the # and the new line is above it. All I did was add a -t rsa1 to the line missing it. --- post-install: .if !defined(BATCH) .if !exists(${PREFIX}/etc/ssh_host_key) @${ECHO_MSG} ">> Generating an RSA1 secret host key." ${PREFIX}/bin/ssh-keygen -t rsa1 -N "" -f ${PREFIX}/etc/ssh_host_key # ${PREFIX}/bin/ssh-keygen -N "" -f ${PREFIX}/etc/ssh_host_key .endif .if !exists(${PREFIX}/etc/ssh_host_rsa_key) @${ECHO_MSG} ">> Generating a RSA secret host key." ${PREFIX}/bin/ssh-keygen -t rsa -N "" -f ${PREFIX}/etc/ssh_host_rsa_key .endif .if !exists(${PREFIX}/etc/ssh_host_dsa_key) @${ECHO_MSG} ">> Generating a DSA secret host key." ${PREFIX}/bin/ssh-keygen -t dsa -N "" -f ${PREFIX}/etc/ssh_host_dsa_key .endif .endif --- The ssh-keygen man page says: -t type Specifies the type of the key to create. The possible values are ``rsa1'' for protocol version 1 and ``rsa'' or ``dsa'' for proto- col version 2. The default is ``rsa1''. Is it possible -t must always be specified? Thanks, Richard -- Richard Bejtlich Senior Engineer, Managed Network Security Operations Ball Aerospace & Technologies Corp. 210-734-5070 x109 rbejtlich@saball.com "The most basic question is not what is best, but who shall decide what is best." -- Thomas Sowell To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message