Site Navigation

Date:      Thu, 17 Jan 2002 20:30:02 -0800 (PST)
From:      Mike Makonnen <mike_makonnen@yahoo.com>
To:        freebsd-bugs@FreeBSD.org
Subject:   Re: misc/34003: Hardcoded path for ssh-keygen in /etc/rc.network
Message-ID:  <200201180430.g0I4U2175589@freefall.freebsd.org>

---

next in thread | raw e-mail | index | archive | help

---

The following reply was made to PR misc/34003; it has been noted by GNATS.

From: Mike Makonnen <mike_makonnen@yahoo.com>
To: "David P. Discher" <dpd@dpdtech.com>
Cc: freebsd-gnats-submit@freebsd.org
Subject: Re: misc/34003: Hardcoded path for ssh-keygen in /etc/rc.network
Date: Thu, 17 Jan 2002 20:27:55 -0800

 On Thu, 17 Jan 2002 11:37:44 -0800 (PST)
 "David P. Discher" <dpd@dpdtech.com> wrote:
 
 > >Environment:
 > FreeBSD seven.dpdtech.com 4.4-RELEASE FreeBSD 4.4-RELEASE #0: Thu Jan
 17 12:23:54 CST 2002    
 root@seven.dpdtech.com:/build/src/sys/compile/borg_fbsd44_20020117a 
 i386
 > 
 > >Description:
 > I found this awhile back, in the /etc/rc.network file, the path to
 ssh-keygen is hardcoded to /usr/bin/ssh-keygen.  The causes problems
 when trying to upgrade to new versions of OpenSSH from the ports
 collections.   This seems to be a slight oversight.
 > 
 snip..
 > 2.  Change the rc.conf  $sshd_program, to $sshd_prefix.  Then change
 /etc/rc and rc.network to use $sshd_prefix/sbin/sshd and
 $sshd_path/bin/ssh-keygen  or simliar.    
 
 I think the best way to handle this is with a separate
 $ssh_keygen_program line. If you're going to do it, might as well go all
 the way. Since you are using 4.4 Release I have included a diff against
 that release, and in case someone thinks this is worthy of commiting,
 I've also included a patch against -current (the delta between -4.x and
 -current is too big for only one set of diffs).
 
 David, please note that you will have to overide the value of
 ssh_keygen_program in your local /etc/rc.conf.
 
 
 cheers,
 mike makonnen
 
 4.4-RELEASE:
 Index: etc/rc.network
 ===================================================================
 RCS file: /home/ncvs/src/etc/rc.network,v
 retrieving revision 1.74.2.23
 diff -u -r1.74.2.23 rc.network
 --- etc/rc.network	17 Aug 2001 07:26:38 -0000	1.74.2.23
 +++ etc/rc.network	18 Jan 2002 03:54:49 -0000
 @@ -744,11 +744,13 @@
  	[Yy][Ee][Ss])
  		if [ ! -f /etc/ssh/ssh_host_key ]; then
  			echo ' creating ssh RSA host key';
 -			/usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key
 +			${ssh_keygen_program:-/usr/bin/ssh-keygen} -N "" \
 +						-f /etc/ssh/ssh_host_key
  		fi
  		if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
  			echo ' creating ssh DSA host key';
 -			/usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key
 +			${ssh_keygen_program:-/usr/bin/ssh-keygen} -d -N "" \
 +						-f /etc/ssh/ssh_host_dsa_key
  		fi
  		;;
  	esac
 Index: etc/defaults/rc.conf
 ===================================================================
 RCS file: /home/ncvs/src/etc/defaults/rc.conf,v
 retrieving revision 1.53.2.39.2.1
 diff -u -r1.53.2.39.2.1 rc.conf
 --- etc/defaults/rc.conf	14 Sep 2001 17:32:25 -0000	1.53.2.39.2.1
 +++ etc/defaults/rc.conf	18 Jan 2002 03:53:09 -0000
 @@ -165,6 +165,7 @@
  sshd_enable="NO"                # Enable sshd
  sshd_program="/usr/sbin/sshd"	# path to sshd, if you want a different
 one.
  sshd_flags=""                   # Additional flags for sshd.
 +ssh_keygen_program="/usr/bin/ssh-keygen"	# path to ssh-keygen
  
  ### Network Time Services options: ###
  timed_enable="NO"		# Run the time daemon (or NO).
 
 
 CURRENT:
 Index: rc.network
 ===================================================================
 RCS file: /home/ncvs/src/etc/rc.network,v
 retrieving revision 1.119
 diff -u -r1.119 rc.network
 --- rc.network	13 Dec 2001 04:21:18 -0000	1.119
 +++ rc.network	18 Jan 2002 03:24:28 -0000
 @@ -829,11 +829,13 @@
  	[Yy][Ee][Ss])
  		if [ ! -f /etc/ssh/ssh_host_key ]; then
  			echo ' creating ssh RSA host key';
 -			/usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key
 +			${ssh_keygen_program:-/usr/bin/ssh-keygen} -N "" \
 +						-f /etc/ssh/ssh_host_key
  		fi
  		if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
  			echo ' creating ssh DSA host key';
 -			/usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key
 +			${ssh_keygen_program:-/usr/bin/ssh-keygen} -d -N "" \
 +						-f /etc/ssh/ssh_host_dsa_key
  		fi
  		;;
  	esac
 Index: defaults/rc.conf
 ===================================================================
 RCS file: /home/ncvs/src/etc/defaults/rc.conf,v
 retrieving revision 1.136
 diff -u -r1.136 rc.conf
 --- defaults/rc.conf	29 Dec 2001 19:42:54 -0000	1.136
 +++ defaults/rc.conf	18 Jan 2002 03:11:09 -0000
 @@ -155,6 +155,7 @@
  sshd_enable="NO"		# Enable sshd
  sshd_program="/usr/sbin/sshd"	# path to sshd, if you want a different
 one.
  sshd_flags=""			# Additional flags for sshd.
 +ssh_keygen_program="/usr/bin/ssh-keygen"	# path to ssh-keygen
  
  ### Network daemon (NFS) Need all portmap_enable="YES" ###
  amd_enable="NO"			# Run amd service with $amd_flags (or NO).

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200201180430.g0I4U2175589>

Legal Notices | © 1995-2024 The FreeBSD Project. All rights reserved.

Contact