From owner-freebsd-security Fri Mar 8 16: 9:39 2002 Delivered-To: freebsd-security@freebsd.org Received: from lariat.org (lariat.org [12.23.109.2]) by hub.freebsd.org (Postfix) with ESMTP id 70A7837B419 for ; Fri, 8 Mar 2002 16:09:26 -0800 (PST) Received: from mustang.lariat.org (IDENT:ppp0.lariat.org@lariat.org [12.23.109.2]) by lariat.org (8.9.3/8.9.3) with ESMTP id RAA00796; Fri, 8 Mar 2002 17:08:50 -0700 (MST) X-message-flag: Warning! Use of Microsoft Outlook may make your system susceptible to Internet worms and other "malware." Message-Id: <4.3.2.7.2.20020308170716.02b7d820@nospam.lariat.org> X-Sender: brett@nospam.lariat.org X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Fri, 08 Mar 2002 17:08:44 -0700 To: "Jason Sopko" , From: Brett Glass Subject: RE: openssh 3.1 port broken? In-Reply-To: <000601c1c6ae$69dc29d0$1c00a8c0@thematrixhasyou> References: <20020308114426.29c0d676.damir@voljatel.si> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org At 07:34 AM 3/8/2002, Jason Sopko wrote: >Edit the Makefile in the openssh ports and modify line 106 to the >following: > >${PREFIX}/bin/ssh-keygen -t rsa1 -N "" -f ${PREFIX}/etc/ssh_host_key > >You just need to add '-t rsa1' to the line, that is all that needs >changed. I had the same problem and this worked for me. > >///Jason Better still, if you're replacing the version in the base install, shouldn't you skip the ssh-keygen altogether? Otherwise, every client will receive a message suggesting that your system may have been compromised..... Not reassuring. And some clients make it difficult to update a host key. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message