Problems with SSH Upgrade
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi
Firts: the potato upgrade works perfectly for me.
But I upgraded a woodybox (kernel 2.4.18-686) to
ssh_1%3a3.3p1-0.0woody4_i386.deb .
When restarting sshd by the init script the following error message
is droped
Disabling protocol version 2. Could not load host key
Restarting OpenBSD Secure Shell server: sshdDisabling protocol
version 2. Could not load host key
Reading man sshd all key files needed are generated
ls -la /etc/ssh gives
- -rw-r--r-- 1 root root 1114 Jun 24 21:34 ssh_config
- -rw-r--r-- 1 root root 893 Jul 17 2001
ssh_config.dpkg-old
- -rw------- 1 root root 668 Jul 17 2001
ssh_host_dsa_key
- -rw-r--r-- 1 root root 602 Jul 17 2001
ssh_host_dsa_key.pub
- -rw------- 1 root root 527 Jun 26 06:25 ssh_host_key
- -rw-r--r-- 1 root root 331 Jul 17 2001
ssh_host_key.pub
- -rw------- 1 root root 883 Mar 10 22:48
ssh_host_rsa_key
- -rw-r--r-- 1 root root 222 Mar 10 22:48
ssh_host_rsa_key.pub
- -rw-r--r-- 1 root root 1271 Jul 17 2001 sshd_config
I can still connect to the machine via ssh protocol 1, but forcing
protocol 2 gives:
ssh -2 hostname
Protocol major versions differ: 2 vs. 1
I tried to generate new keys using
cd
ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N ''
ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N ''
But this also didn't help.
Any hints? I also attachted the sshd_conf file.
Thanks Hendrik
- --
PGP ID 21F0AC0265C92061
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.3 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE9GadmIfCsAmXJIGERAjbuAJ0VV+3/MnUKHMeOUaxv1rDOpiqXoACfTdPo
Nn8yQiykaQZOGOGuHE5VmLI=
=rTmT
-----END PGP SIGNATURE-----
# This is ssh server systemwide configuration file.
Port 22
#Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::
HostKey /etc/ssh/ssh_host_key
ServerKeyBits 768
LoginGraceTime 600
KeyRegenerationInterval 3600
PermitRootLogin yes
#
# Don't read ~/.rhosts and ~/.shosts files
IgnoreRhosts yes
# Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication
#IgnoreUserKnownHosts yes
StrictModes yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd yes
KeepAlive yes
# Logging
SyslogFacility AUTH
LogLevel INFO
#obsoletes QuietMode and FascistLogging
RhostsAuthentication no
#
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
RhostsRSAAuthentication no
#
RSAAuthentication yes
# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no
# Uncomment to disable s/key passwords
#SkeyAuthentication no
#KbdInteractiveAuthentication yes
# To change Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#AFSTokenPassing no
#KerberosTicketCleanup no
# Kerberos TGT Passing does only work with the AFS kaserver
#KerberosTgtPassing yes
#CheckMail no
#UseLogin no
# Uncomment if you want to enable sftp
#Subsystem sftp /usr/lib/sftp-server
#MaxStartups 10:30:60
Reply to: