Date: Sun, 19 Jul 1998 16:10:01 -0700 (PDT) From: Matthew Hunt <mph@pobox.com> To: freebsd-ports@FreeBSD.ORG Subject: Re: ports/7323: "make install" of ssh blows away host key pair Message-ID: <199807192310.QAA10280@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/7323; it has been noted by GNATS. From: Matthew Hunt <mph@pobox.com> To: brian@hyperreal.org, freebsd-gnats-submit@FreeBSD.ORG Cc: Subject: Re: ports/7323: "make install" of ssh blows away host key pair Date: Sun, 19 Jul 1998 19:08:55 -0400 On Sun, Jul 19, 1998 at 02:34:15PM -0700, brian@hyperreal.org wrote: > >Description: > When conducting a /usr/ports based install of ssh, a "make install" > obliterates any preexisting host keys. A "make install" should instead > look for any pre-existing keys and use them, or at least prompt to ask > if the user wishes to make new keys. Are you certain? I frequently install from /usr/ports/security/ssh (basically, each time there's a new version) and while it might have killed the host key in ages past, that hasn't happened to me in a very long time. Observe the following post-install bit: post-install: @if [ ! -f ${PREFIX}/etc/ssh_host_key ]; then \ echo "Generating a secret host key..."; \ ${PREFIX}/bin/ssh-keygen -f ${PREFIX}/etc/ssh_host_key -N ""; \ fi That is, it generates a new host key only if there isn't one already there. Also, etc/ssh_host_key does not appear in pkg/PLIST, meaning that the host key should stick around even if you pkg_delete the ssh package that you have installed. -- Matthew Hunt <mph@pobox.com> * Stay close to the Vorlon. http://www.pobox.com/~mph/pgp.key for PGP public key 0x67203349. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807192310.QAA10280>