Date: Thu, 22 Jun 2000 07:42:46 -0400 (EDT) From: "Chris D. Faulhaber" <jedgar@fxp.org> To: Mike Pritchard <mpp@mppsystems.com> Cc: David Malone <dwmalone@maths.tcd.ie>, freebsd-bugs@FreeBSD.ORG Subject: Re: conf/19431: rc.network wants to generate unsupported DSA key for SSH Message-ID: <Pine.BSF.4.21.0006220741270.7508-100000@earth.causticlabs.com> In-Reply-To: <20000622015848.B11875@mppsystems.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 22 Jun 2000, Mike Pritchard wrote:
> On Wed, Jun 21, 2000 at 11:00:04PM -0700, David Malone wrote:
> > On Thu, Jun 22, 2000 at 02:24:33PM +1000, Gregory Bond wrote:
> >
> > > I don't know whether this is a simple bug in rc.network (in which case
> > > the fix is simple), or if DSA is supported in the US version but not the
> > > international version (which seems more likely). In the latter case,
> > > rc.network needs to be more careful about what it attempts to do.
> > > Should it grep USA_RESIDENT out of make.conf? This is ugly, but I can't
> > > think of anything less ugly!
> >
> > I'm building from international crypto sources here, cvsuped indirectly
> > from cvsup.uk.FreeBSD.org and it built a DSA key fine. "ssh-keygen -d"
> > still seems to work too. Are you sure you have recent crypto sources?
>
> I noticed a problem after upgrading a 4.0-something machine to 5.0-current.
> I started getting errors starting sshd, complaining about the DSA host
> key not being present. I suspect that since I already had a ssh_host_key
> present, it didn't try to generate the DSA key.
>
Nope, the DSA host key is checked/created separately from the RSA host key
(all wrapped around a 'case ${sshd_enable}')...see /etc/rc.network.
-----
Chris D. Faulhaber - jedgar@fxp.org - jedgar@FreeBSD.org
--------------------------------------------------------
FreeBSD: The Power To Serve - http://www.FreeBSD.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006220741270.7508-100000>