Problems building host keys on some SPARCs

Robert Dubinski tech at studsys.mscs.mu.edu
Sat Apr 1 06:45:29 EST 2000 

Hey, I get to answer my own question!  This is for the list archives
should anyone else encounter this problem like I did:

On Thu, Feb 17, 2000 at 11:02:44AM -0600, MSCS Technician wrote:
> I've compiled openssh 1.2.2 on Solaris 7/SPARC.  On most hosts, things
> are fine.  I get EGD going, compile openssh, and I can then generate 
> hostkeys as described in the INSTALL file to get things running.  
> 
> On a few hosts though, the keygen fails like this:
> 
> root at sylow:/source/USR_LOCAL/OFFICIAL/OPENSSH/ssh_client# ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ''
> ksh: ssh-keygen: cannot execute
> 
> or fail like this:
> 
> root at sylow:/source/USR_LOCAL/OFFICIAL/OPENSSH/ssh_client# cat build_host_key
> /usr/local/bin/ssh-keygen -b 1024 -f /etc/ssh/ssh_host_key -N ''
> root at sylow:/source/USR_LOCAL/OFFICIAL/OPENSSH/ssh_client# sh build_host_key
> /usr/local/bin/ssh-keygen: syntax error at line 1: `(' unexpected
> 
> These same invokations work fine on most of our other systems.  
> 
> Info on the system above:
> root at sylow:/source/USR_LOCAL/OFFICIAL/OPENSSH/ssh_client# uname -a
> SunOS sylow 5.7 Generic_106541-07 sun4m sparc SUNW,SPARCstation-20
> 
> The only thing different I can see here is that the working systems
> are Ultra class machines, and the non-working ones are SparcStations.

The problem here was the the SSL library wasn't being found.  Clean compiles
on the affected machine brought this to light.  I added the --with-ssl-dir=PATH
directive to OpenSSH's configure, but that was no good.  I then rebuilt the
OpenSSL lib on one of the affected machines, then rebuilt OpenSSH and all is 
now well.

Also for Solaris, I too can verify the /dev/random from the SUNWski package
works great, and is much faster than using the EGD entropy pool was.


-Robb



- Robert S. Dubinski, Comp. Systems Tech for MSCS Dept, Marquette University -
-  Email me: tech at mscs.mu.edu  Home page at: http://www.mscs.mu.edu/~tech    -
-  I can use GPG-encrypted email.  My 1024-bit public key is at my website   -
-  GPG Key fingerprint = 6612 1A01 7A93 D79B 4C89  336E 592B DB76 61FB C156  -

More information about the openssh-unix-dev mailing list