Date: Mon, 31 Aug 2015 15:39:44 +0000
From: bugzilla-noreply@freebsd.org
To: freebsd-ports-bugs@FreeBSD.org
Subject: [Bug 202792] security/openssh-portable tries to generate obsolete key type at startup.
Message-ID: <bug-202792-13@https.bugs.freebsd.org/bugzilla/>
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202792

            Bug ID: 202792
           Summary: security/openssh-portable tries to generate obsolete key type at startup.
           Product: Ports & Packages
           Version: Latest
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Many People
          Priority: ---
         Component: Individual Port(s)
          Assignee: bdrewery@FreeBSD.org
          Reporter: chrysalis@chrysalisnet.org
             Flags: maintainer-feedback?(bdrewery@FreeBSD.org)
          Assignee: bdrewery@FreeBSD.org

ssh-keygen will now refuse to create one of the keys specified in the rc.d
script, showing this output at a restart.

Generating public/private rsa1 key pair.
Saving key "/usr/local/etc/ssh/ssh_host_key" failed: unknown or unsupported key type
You already have a DSA host key in /usr/local/etc/ssh/ssh_host_dsa_key
Skipping protocol version 2 DSA Key Generation
You already have a RSA host key in /usr/local/etc/ssh/ssh_host_rsa_key
Skipping protocol version 2 RSA Key Generation
You already have a Elliptic Curve DSA host key in /usr/local/etc/ssh/ssh_host_ecdsa_key
Skipping protocol version 2 Elliptic Curve DSA Key Generation
You already have a Elliptic Curve ED25519 host key in /usr/local/etc/ssh/ssh_host_ed25519_key
Skipping protocol version 2 Elliptic Curve ED25519 Key Generation
Performing sanity check on openssh configuration.
Stopping openssh.
Waiting for PIDS: 72833.
Generating public/private rsa1 key pair.
Saving key "/usr/local/etc/ssh/ssh_host_key" failed: unknown or unsupported key type
You already have a DSA host key in /usr/local/etc/ssh/ssh_host_dsa_key
Skipping protocol version 2 DSA Key Generation
You already have a RSA host key in /usr/local/etc/ssh/ssh_host_rsa_key
Skipping protocol version 2 RSA Key Generation
You already have a Elliptic Curve DSA host key in /usr/local/etc/ssh/ssh_host_ecdsa_key
Skipping protocol version 2 Elliptic Curve DSA Key Generation
You already have a Elliptic Curve ED25519 host key in /usr/local/etc/ssh/ssh_host_ed25519_key
Skipping protocol version 2 Elliptic Curve ED25519 Key Generation
Performing sanity check on openssh configuration.
Starting openssh.

If one key is missing it tries to regenerate "all" keys, hence the mess.

The fix is to edit the rc.d script from

openssh_keygen() {
        if [ -f /usr/local/etc/ssh/ssh_host_key -a \
            -f /usr/local/etc/ssh/ssh_host_dsa_key -a \
            -f /usr/local/etc/ssh/ssh_host_rsa_key -a \
            -f /usr/local/etc/ssh/ssh_host_ecdsa_key -a \
            -f /usr/local/etc/ssh/ssh_host_ed25519_key ]; then
                return 0
        fi

to

openssh_keygen() {
        if [ -f /usr/local/etc/ssh/ssh_host_dsa_key -a \
            -f /usr/local/etc/ssh/ssh_host_rsa_key -a \
            -f /usr/local/etc/ssh/ssh_host_ecdsa_key -a \
            -f /usr/local/etc/ssh/ssh_host_ed25519_key ]; then
                return 0
        fi

Not sure if this is related to bug 202169, so filed a new report.

-- 
You are receiving this mail because:
You are the assignee for the bug.
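
The report notes that one missing key sends the script through generation for every key type. A per-key variant, as an added example that is not part of the original message or the port's rc.d script: it checks each protocol 2 host key on its own, generates only the missing ones, and keeps going when ssh-keygen rejects a type. The function names and the SSH_KEYGEN variable are assumptions of this example.

```shell
#!/bin/sh
# Added example, not the port's rc.d script.
# Protocol 2 key types named in the report; the rsa1 key (ssh_host_key) is left out.
HOST_KEY_TYPES="dsa rsa ecdsa ed25519"

# Hypothetical override hook so the generator can be swapped out when testing.
SSH_KEYGEN=${SSH_KEYGEN:-ssh-keygen}

# Print the key types whose ssh_host_<type>_key file is missing in directory $1.
missing_host_keys() {
    dir=$1
    missing=""
    for t in $HOST_KEY_TYPES; do
        [ -f "$dir/ssh_host_${t}_key" ] || missing="$missing $t"
    done
    echo "${missing# }"
}

# Generate only the missing keys in directory $1.
# A type that ssh-keygen refuses is reported and skipped, not retried for
# every other key. The return status is the number of types that failed.
generate_missing_host_keys() {
    dir=$1
    failed=0
    for t in $(missing_host_keys "$dir"); do
        if "$SSH_KEYGEN" -q -t "$t" -N "" -f "$dir/ssh_host_${t}_key"; then
            echo "generated $t host key"
        else
            echo "ssh-keygen cannot create a $t host key, skipping" >&2
            failed=$((failed + 1))
        fi
    done
    return "$failed"
}
```

Called as generate_missing_host_keys /usr/local/etc/ssh, it leaves existing keys alone and reports each type the installed ssh-keygen no longer supports once.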