unexpected behaviour in OpenSSH_3.7.1

Siegmar Gross Siegmar.Gross at informatik.fh-fulda.de
Tue Oct 7 03:24:42 EST 2003


Hi,

we have installed OpenSSH_3.7.1 in /usr/local. In our environment all
machines mount /usr/local via NFS and automounter from a server. Because
every machine should use its own keys (otherwise we had to export the
directory with root priviledges so that every machine could read the
private keys from /usr/local/etc/ssh), we created the keys in /etc/ssh
and modified the configuration files appropriately. We wanted to use
hostbased authentication.


tyr fd1026 62 ssh -v
OpenSSH_3.7.1p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003

tyr fd1026 63 ps -aef | grep ssh
    root  4924     1  0 17:53:10 ?        0:00 /usr/local/sbin/sshd -f 
/usr/local/etc/ssh/sshd_config -p 22
    

tyr fd1026 64 alias ssh
ssh -q -F /usr/local/etc/ssh/ssh_config


tyr fd1026 65 cd /usr/local/etc/ssh
tyr ssh 66 grep ssh_host *config
sshd_config:HostKey /etc/ssh/ssh_host_key
sshd_config:HostKey /etc/ssh/ssh_host_rsa_key
sshd_config:HostKey /etc/ssh/ssh_host_dsa_key

tyr ssh 67 grep ssh_known *config
ssh_config:GlobalKnownHostsFile2 /usr/local/etc/ssh/ssh_known_hosts2
sshd_config:#   /usr/local/etc/ssh/ssh_known_hosts


Now we created ~/.shosts and tried a connection. Unfortunately we always
had to present a password. Debugging ssh and sshd didn't solve the problem.
At least we tried to insert some links into /usr/local/etc/ssh

ssh_host_dsa_key -> /etc/ssh/ssh_host_dsa_key
ssh_host_dsa_key.pub -> /etc/ssh/ssh_host_dsa_key.pub
ssh_host_key -> /etc/ssh/ssh_host_key
ssh_host_key.pub -> /etc/ssh/ssh_host_key.pub
ssh_host_rsa_key -> /etc/ssh/ssh_host_rsa_key
ssh_host_rsa_key.pub -> /etc/ssh/ssh_host_rsa_key.pub

With these links OpenSSH behaves as expected. We don't understand why these
links are necessary. Doesn't OpenSSH interpret the configuration files as
expected or have we made a mistake? Please let me know if you are interested
in the configuration files or any other information. I would be grateful if
somebody can give us a hint which solves our confusion.


Kind regards

Siegmar


##############################################################################
#                                                                            #
# Fachhochschule Fulda         University of Applied Sciences                #
# FB Angewandte Informatik     Department of Applied Computer Sciences       #
#                                                                            #
# Prof. Dr. Siegmar Gross      Tel.: +49 (661) 9640 - 333                    #
#                              Fax:  +49 (661) 9640 - 349                    #
# Marquardstr. 35              WWW:  http://www.fh-fulda.de/~gross           #
#                              E-Mail: siegmar.gross at informatik.fh-fulda.de  #
# D-36039 Fulda                        sgross at acm.org                        #
#                                                                            #
##############################################################################




More information about the openssh-unix-dev mailing list