RSA versus DSA / Protocol 1 versus Protocol 2

Bob Proulx bob at proulx.com
Mon Feb 25 08:26:07 EST 2002


> that should work.  sshd -d would be useful.

In that case I must have something really stupid in the sshd_config
file to which I am blind.  But it is almost the stock one distributed
with openssh-3.0.2p1.  Here is what I get.

> [root@jenny openssh]# ./sshd -d -p24
> debug1: sshd version OpenSSH_3.0.2p1
> debug1: private host key: #0 type 0 RSA1
> debug1: read PEM private key done: type RSA
> debug1: private host key: #1 type 1 RSA
> debug1: Bind to port 24 on 0.0.0.0.
> Server listening on 0.0.0.0 port 24.
> Generating 768 bit RSA key.
> RSA key generation complete.

[root@joseki /etc]# sshd -d -f sshd_config.hacked
debug1: Seeding random number generator
debug1: sshd version OpenSSH_3.0.2p1
debug1: private host key: #0 type 0 RSA1
debug1: private host key: #1 type 0 RSA1        <----- Should this be RSA?
Disabling protocol version 2. Could not load host key
socket: Invalid argument
debug1: Bind to port 2022 on 0.0.0.0.
Server listening on 0.0.0.0 port 2022.
Generating 768 bit RSA key.
RSA key generation complete.

Hmm..

  cmp /etc/ssh_host_key /etc/ssh_host_rsa_key
  [no differences]

That must be the source of my problem.  Regenerating the rsa2 key to
see if this solves the problem...

That was it!  Problem solved.  Somewhere along the way I had
(apparently) believed that an rsa host key was an rsa host key and
could be 'cp /etc/ssh_host_key /etc/ssh_host_rsa_key' since I had
obviously done that and they were both rsa1 files.  And with nothing
to ever change that key again that is the way that it was.

Thanks
Bob
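
The manual `cmp` check from the message above, generalized into a small audit, as an added example that is not part of the original post or of OpenSSH. The function names `key_format` and `audit_hostkeys` are hypothetical, the sample files are constructed (headers only, no key material), and the script assumes protocol 2 host keys are stored as PEM, as in this OpenSSH release.

```shell
#!/bin/sh
# Classify a private host key file by its leading bytes.
# Protocol 1 keys start with the magic string
# "SSH PRIVATE KEY FILE FORMAT 1.1"; protocol 2 keys of this era are PEM.
key_format() {
    first=$(head -c 64 "$1" 2>/dev/null | tr -d '\000' | head -n 1)
    case "$first" in
        "SSH PRIVATE KEY FILE FORMAT 1.1"*) echo rsa1 ;;
        "-----BEGIN RSA PRIVATE KEY-----"*) echo pem-rsa ;;
        "-----BEGIN DSA PRIVATE KEY-----"*) echo pem-dsa ;;
        *) echo unknown ;;
    esac
}

# audit_hostkeys V1_KEY V2_KEY...
# Prints one line per finding; exit status is 0 only when nothing was found.
audit_hostkeys() {
    v1=$1; shift
    findings=0
    for k in "$@"; do
        fmt=$(key_format "$k")
        if [ "$fmt" = rsa1 ]; then
            echo "$k: RSA1 format, cannot be loaded as a protocol 2 host key"
            findings=$((findings + 1))
        fi
        if cmp -s "$v1" "$k"; then
            echo "$k: identical to $v1"
            findings=$((findings + 1))
        fi
    done
    [ "$findings" -eq 0 ]
}

# Constructed sample files reproducing the situation in the post:
# the protocol 1 key copied over the protocol 2 RSA key. The DSA file
# carries only a PEM header line.
demo_dir=$(mktemp -d)
trap 'rm -rf "$demo_dir"' EXIT
printf 'SSH PRIVATE KEY FILE FORMAT 1.1\n\000constructed' > "$demo_dir/ssh_host_key"
cp "$demo_dir/ssh_host_key" "$demo_dir/ssh_host_rsa_key"
printf '%s\n' '-----BEGIN DSA PRIVATE KEY-----' 'constructed' > "$demo_dir/ssh_host_dsa_key"
audit_hostkeys "$demo_dir/ssh_host_key" "$demo_dir/ssh_host_rsa_key" "$demo_dir/ssh_host_dsa_key" || true
```

On a real host, pass the protocol 1 `HostKey` path first and the protocol 2 `HostKey` paths after it.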


