From owner-freebsd-questions@FreeBSD.ORG Fri Jun 6 21:44:29 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 3A7A0599 for ; Fri, 6 Jun 2014 21:44:29 +0000 (UTC) Received: from mail-qa0-x22d.google.com (mail-qa0-x22d.google.com [IPv6:2607:f8b0:400d:c00::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id ECB8122AE for ; Fri, 6 Jun 2014 21:44:28 +0000 (UTC) Received: by mail-qa0-f45.google.com with SMTP id hw13so4758128qab.4 for ; Fri, 06 Jun 2014 14:44:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=46eL9rBmuXoaVqFS9HGb5xQhceAEB3oAJpxH3O9tLJM=; b=s04jFp3OTQQUBZjSBsfNVkHrTKM4AC7lxP/xfK6cdwR/r7Y2pg0StRBgeRwemcOiXk wfigsE/v5OG7zTtS9NKdnc2qrnKznV7c9nc2GZvSlKsZtkcAReZcGJCtimB8Q5DSnmrz pD3ygxCJCjpYu2BhHknUrRQY9Ae+EaIszx5KL+f9ktsVz8NYg+e3f3xR2RcOS1geY9i4 +7//WTZVkXG6cO1eRaT8UiR5nraD3O69JvI5s36Jn3FD6GXcBJEcmD2wg9DZI7olcpqq c6kR8vS+r6r+0F5DphF1OF00kaQfzWQq54Cl+ggFDY+nLltiH+Bt9bHMnEfY0QOEQpUl itRA== X-Received: by 10.140.28.198 with SMTP id 64mr12324395qgz.49.1402091068155; Fri, 06 Jun 2014 14:44:28 -0700 (PDT) Received: from [192.168.1.12] (pool-173-48-98-44.bstnma.fios.verizon.net. [173.48.98.44]) by mx.google.com with ESMTPSA id r15sm6531397qgr.15.2014.06.06.14.44.27 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Fri, 06 Jun 2014 14:44:27 -0700 (PDT) Message-ID: <5392363B.8090206@gmail.com> Date: Fri, 06 Jun 2014 17:44:27 -0400 From: Kevin Phair User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: Freebsd Questions Subject: Re: sshd broken after binary upgrade References: <3BC6F354F757BCAAF379EC6C@localhost> In-Reply-To: <3BC6F354F757BCAAF379EC6C@localhost> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Jun 2014 21:44:29 -0000 On 6/6/14, 5:33 PM, Paul Schmehl wrote: > I upgraded a server from 8.3 to 8.4, and now sshd is broken. (The > other server upgraded fine.) I used freebsd-update to upgrade to 8.4 > RELEASE. > > Here's the errors I'm getting: > > # /etc/rc.d/sshd restart > sshd not running? (check /var/run/sshd.pid). > You already have an RSA host key in /etc/ssh/ssh_host_key > Skipping protocol version 1 RSA Key Generation > You already have a DSA host key in /etc/ssh/ssh_host_dsa_key > Skipping protocol version 2 DSA Key Generation > You already have an RSA host key in /etc/ssh/ssh_host_rsa_key > Skipping protocol version 2 RSA Key Generation > Auto configuration failed > 58803:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing > equal > sign:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_def.c:366:line > 145 > Performing sanity check on sshd configuration. > Auto configuration failed > 58804:error:0E079065:configuration file routines:DEF_LOAD_BIO:missing > equal > sign:/usr/src/secure/lib/libcrypto/../../../crypto/openssl/crypto/conf/conf_def.c:366:line > 145 > /etc/rc.d/sshd: WARNING: failed precmd routine for sshd > > sshd_config looks fine. I replaced /etc/rc.d/sshd with a copy from > the working server, so that's apparently not the problem. Not sure > what's missing. > > Any help would be appreciated. I am connected to the server, but > obviously can't start a new session. > It sounds similar to what this person ran into: https://forums.freebsd.org/viewtopic.php?&t=36372 I've taken to telling freebsd-update to ignore /etc all together; the time spent fixing things I let freebsd-update break in /etc/ seemed to outmatch time required to make any config updates manually.