Date: Thu, 16 May 2002 18:03:31 +0400 From: "Dmitry S. Rzhavin" <dima@rt.ru> To: freebsd-questions@FreeBSD.ORG Subject: SSHD keys Message-ID: <3CE3BC33.17FFA526@rt.ru>
next in thread | raw e-mail | index | archive | help
Hi!
I want to generate 4kbit sshd hostkeys.
I looked into /etc/rc.network and found:
# grep /usr/bin/ssh-keygen /etc/rc.network
/usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key
/usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key
Hmm, strange, because:
# man ssh-keygen | grep "\-d"
says "Exit 1"
may be something like
*** rc.network,orig Thu May 16 18:02:59 2002
--- rc.network Thu May 16 18:04:07 2002
***************
*** 802,812 ****
[Yy][Ee][Ss])
if [ ! -f /etc/ssh/ssh_host_key ]; then
echo ' creating ssh RSA host key';
! /usr/bin/ssh-keygen -N "" -f /etc/ssh/ssh_host_key
fi
if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
echo ' creating ssh DSA host key';
! /usr/bin/ssh-keygen -d -N "" -f /etc/ssh/ssh_host_dsa_key
fi
;;
esac
--- 802,812 ----
[Yy][Ee][Ss])
if [ ! -f /etc/ssh/ssh_host_key ]; then
echo ' creating ssh RSA host key';
! /usr/bin/ssh-keygen -b ${sshd_keylength} -t rsa -N "" -f /etc/ssh/ssh_host_key
fi
if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
echo ' creating ssh DSA host key';
! /usr/bin/ssh-keygen -b ${sshd_keylength} -t dsa -N "" -f /etc/ssh/ssh_host_key
fi
;;
esac
with
sshd_keylength=1024
in /etc/defaults/rc.conf will be good idea?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CE3BC33.17FFA526>