Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 8 Mar 2002 23:55:37 -0500
From:      "Peter C. Lai" <sirmoo@cowbert.2y.net>
To:        Brett Glass <brett@lariat.org>
Cc:        Jason Sopko <jason@sopko.net>, freebsd-security@FreeBSD.ORG
Subject:   Re: openssh 3.1 port broken?
Message-ID:  <20020308235536.B10178@cowbert.2y.net>
In-Reply-To: <4.3.2.7.2.20020308170716.02b7d820@nospam.lariat.org>; from brett@lariat.org on Fri, Mar 08, 2002 at 05:08:44PM -0700
References:  <20020308114426.29c0d676.damir@voljatel.si> <000601c1c6ae$69dc29d0$1c00a8c0@thematrixhasyou> <4.3.2.7.2.20020308170716.02b7d820@nospam.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help 

On Fri, Mar 08, 2002 at 05:08:44PM -0700, Brett Glass wrote:
> At 07:34 AM 3/8/2002, Jason Sopko wrote:
>   
> >Edit the Makefile in the openssh ports and modify line 106 to the
> >following:
> >
> >${PREFIX}/bin/ssh-keygen -t rsa1 -N "" -f ${PREFIX}/etc/ssh_host_key
> >
> >You just need to add '-t rsa1' to the line, that is all that needs
> >changed. I had the same problem and this worked for me. 
> >
> >///Jason
> 
> Better still, if you're replacing the version in the base install,
> shouldn't you skip the ssh-keygen altogether? Otherwise, every
> client will receive a message suggesting that your system may
> have been compromised..... Not reassuring. And some clients make
> it difficult to update a host key.
> 
> --Brett
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message

and furthermore, if you actually used the old keys for any
scripts, they'll be broken. Always back up your
keypairs onto floppies.

-- 
Peter C. Lai
University of Connecticut
Dept. of Residential Life | Programmer
Dept. of Molecular and Cell Biology | Undergraduate Research Assistant
http://cowbert.2y.net/
860.427.4542 (Room)
860.486.1899 (Lab)
203.206.3784 (Cellphone)

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020308235536.B10178>