From owner-freebsd-security@FreeBSD.ORG  Thu Mar 27 19:48:49 2003
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A127337B401
	for <freebsd-security@FreeBSD.ORG>;
	Thu, 27 Mar 2003 19:48:49 -0800 (PST)
Received: from dc.cis.okstate.edu (dc.cis.okstate.edu [139.78.100.219])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 29B2843F85
	for <freebsd-security@FreeBSD.ORG>;
	Thu, 27 Mar 2003 19:48:49 -0800 (PST)
	(envelope-from martin@dc.cis.okstate.edu)
Received: from dc.cis.okstate.edu (localhost.cis.okstate.edu [127.0.0.1])
	by dc.cis.okstate.edu (8.12.6/8.12.6) with ESMTP id h2S3mm5b017428
	for <freebsd-security@FreeBSD.ORG>;
	Thu, 27 Mar 2003 21:48:48 -0600 (CST)
	(envelope-from martin@dc.cis.okstate.edu)
Message-Id: <200303280348.h2S3mm5b017428@dc.cis.okstate.edu>
To: freebsd-security@FreeBSD.ORG
Date: Thu, 27 Mar 2003 21:48:48 -0600
From: Martin McCormick <martin@dc.cis.okstate.edu>
X-Spam-Status: No, hits=0.0 required=5.0
	tests=none
	version=2.50
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp)
Subject: How did I Break ssh?
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 28 Mar 2003 03:48:50 -0000

	Every attempt to connect to anything from a new FreeBSD
system results in a "host key verification failed."

	ssh 127.0.0.1 even fails this way.

	I started with a new FreeBSD4.7 installation and
un-tarred the contents of another 4.7 system to essentially clone
this one.

	My tar ball purposefully did not have the /etc/ssh
directory in it so as to not overwrite any of the files in the
new installation so I ended up with all the proper key files like
I should.

	I can successfully connect to the system from remote hosts
so sshd is working.  I even regenerated my own host key with
ssh-keygen -tdsa and that worked.

	Is there anywhere else besides my directory and /etc/ssh
I should look to see what got clobbered?

	It worked fine before I unpacked the tar ball.  I even
deliberately deleted all the host keys in /etc/ssh and made it
regenerate new ones.  Other than the expected effect of causing
the remote systems to complain about the host identity changing,
nothing else happened.

Martin McCormick WB5AGZ  Stillwater, OK 
OSU Center for Computing and Information Services Network Operations Group