Date: Thu, 22 Jun 2000 14:24:33 +1000 (EST) From: Gregory Bond <gnb@itga.com.au> To: FreeBSD-gnats-submit@freebsd.org Subject: conf/19431: rc.network wants to generate unsupported DSA key for SSH Message-ID: <200006220424.OAA00436@hellcat.itga.com.au>
next in thread | raw e-mail | index | archive | help
>Number: 19431 >Category: conf >Synopsis: rc.network wants to generate unsupported DSA key for SSH >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Jun 21 21:30:00 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Gregory Bond >Release: FreeBSD 4.0-STABLE i386 >Organization: ITG Australia Limited >Environment: 4.0-Stable, CVSup'd with crypto from internat.FreeBSD.org >Description: If enable_sshd is set in rc.conf, then rc.network will check if the host keys are present, and create them if not. It tries to create two host keys, an ordinary one and a DSA one. My ssh-keygen (build from a buildworld with the international crypto source but no other known tweaks) doesn't have the required -d option for generating DSA keys. This makes the boot give somewhat odd error messages. >How-To-Repeat: make update && make world && reboot >Fix: I don't know whether this is a simple bug in rc.network (in which case the fix is simple), or if DSA is supported in the US version but not the international version (which seems more likely). In the latter case, rc.network needs to be more careful about what it attempts to do. Should it grep USA_RESIDENT out of make.conf? This is ugly, but I can't think of anything less ugly! >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200006220424.OAA00436>