Date: Thu, 01 Mar 2001 16:59:48 +1100 From: Tony Landells <ahl@austclear.com.au> To: "Peter C. Lai" <sirmoo@cowbert.2y.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: sshd weirdness Message-ID: <200103010559.QAA01865@tungsten.austclear.com.au> In-Reply-To: Message from "Peter C. Lai" <sirmoo@cowbert.2y.net> of "Thu, 01 Mar 2001 00:43:37 CDT." <000801c0a212$90619840$1e9e6389@137.99.156.23>
next in thread | previous in thread | raw e-mail | index | archive | help
Ummm, I could be wrong, but most of this seems consistent with what you did... > Now, because i had built world with OpenSSH 2.3.0, i no longer needed the > ssh 1.x port, so i deleted it using pkg_delete -f. The uptime on the box had > been several weeks. Fine. > I reboot the machine to use the new kernel, and 1. sshd is NOT running, > because in rc.conf, sshd_enable is set to OFF for some reason, and 2. when i > try to ssh in from a location on the same subnet, I am told the fingerprint > has changed. sshd_enable is set to OFF because you removed the package, I would assume... > Furthermore, because i deleted the ssh port, /usr/local/etc/rc.d/sshd.sh got > removed, which is expected. No, this is the bit that's wrong. This is the startup script for OpenSSH, and should not have been removed. > I didn't know if "SSHD_ENABLED" was already set to "NO". Since this controls whether sshd 1.x is running, it would have been changed when you removed the package. > could my deleting the port have anything to do with OpenSSH starting? Maybe, but you seem to have misunderstood which settings are for which SSH. > I checked /etc/ssh and all the keys have not been modified with a new > timestamp. That's because they belong to the version 1.x ssh, which you don't run any more. Look in /usr/local/etc for OpenSSH files. > this is puzzling... Not particularly... Tony -- Tony Landells <ahl@austclear.com.au> Senior Network Engineer Ph: +61 3 9677 9319 Australian Clearing Services Pty Ltd Fax: +61 3 9677 9355 Level 4, Rialto North Tower 525 Collins Street Melbourne VIC 3000 Australia To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200103010559.QAA01865>