openssh reading only SOME ssh1 hostkeys from ssh

Ben Lindstrom mouring at
Sat Jun 7 16:39:57 EST 2003

On Sat, 7 Jun 2003, Darren Tucker wrote:

> Phil Dibowitz wrote:
> > However, on a few hosts, openssh has been unable to read the old rsa1
> > key and has claimed:
> >
> >    debug1: Unsupported cipher 1 used in key file /etc/ssh/ssh_host_key.
> >    Could not load host key: /etc/ssh/ssh_host_key
> >
> > Does anyone know why it is that openssh has this problem only sometimes,
> > and if there is a way to fix it?
> I think that's because those keys are encrypted with IDEA, which OpenSSH
> does not support for patent reasons.  You can use ssh-keygen *from
> commercial ssh* to convert the keys.

That would be my first reaction also, but why would someone put a
passphrase on the ssh_host_key?  That does not seem to be a useful
thing to do.

It would be useful to see the key in question (even if I know it may not
be pratical) so we don't have to guess why.

But I agree with Mr Tucker.  You may want to see if you can strip
any passphrases from the keys in question.

- Ben

More information about the openssh-unix-dev mailing list