unexpected behaviour in OpenSSH_3.7.1

Wendy Palm wendyp at cray.com
Tue Oct 7 03:39:45 EST 2003


We tried using links to the keys as well and it failed.
I didn't get into the code to see why, I just know that
when we took out the links and copied the files instead,
it worked fine for our particular configuration.
Take that part out of the equation and see where you
are then.

Siegmar Gross wrote:

> Hi,
> 
> we have installed OpenSSH_3.7.1 in /usr/local. In our environment all
> machines mount /usr/local via NFS and automounter from a server. Because
> every machine should use its own keys (otherwise we had to export the
> directory with root privileges so that every machine could read the
> private keys from /usr/local/etc/ssh), we created the keys in /etc/ssh
> and modified the configuration files appropriately. We wanted to use
> hostbased authentication.
> 
> 
> tyr fd1026 62 ssh -v
> OpenSSH_3.7.1p1, SSH protocols 1.5/2.0, OpenSSL 0.9.7c 30 Sep 2003
> 
> tyr fd1026 63 ps -aef | grep ssh
>     root  4924     1  0 17:53:10 ?        0:00 /usr/local/sbin/sshd -f /usr/local/etc/ssh/sshd_config -p 22
> 
> 
> tyr fd1026 64 alias ssh
> ssh -q -F /usr/local/etc/ssh/ssh_config
> 
> 
> tyr fd1026 65 cd /usr/local/etc/ssh
> tyr ssh 66 grep ssh_host *config
> sshd_config:HostKey /etc/ssh/ssh_host_key
> sshd_config:HostKey /etc/ssh/ssh_host_rsa_key
> sshd_config:HostKey /etc/ssh/ssh_host_dsa_key
> 
> tyr ssh 67 grep ssh_known *config
> ssh_config:GlobalKnownHostsFile2 /usr/local/etc/ssh/ssh_known_hosts2
> sshd_config:#   /usr/local/etc/ssh/ssh_known_hosts
> 
> 
> Now we created ~/.shosts and tried a connection. Unfortunately we always
> had to present a password. Debugging ssh and sshd didn't solve the problem.
> At least we tried to insert some links into /usr/local/etc/ssh
> 
> ssh_host_dsa_key -> /etc/ssh/ssh_host_dsa_key
> ssh_host_dsa_key.pub -> /etc/ssh/ssh_host_dsa_key.pub
> ssh_host_key -> /etc/ssh/ssh_host_key
> ssh_host_key.pub -> /etc/ssh/ssh_host_key.pub
> ssh_host_rsa_key -> /etc/ssh/ssh_host_rsa_key
> ssh_host_rsa_key.pub -> /etc/ssh/ssh_host_rsa_key.pub
> 
> With these links OpenSSH behaves as expected. We don't understand why these
> links are necessary. Doesn't OpenSSH interpret the configuration files as
> expected or have we made a mistake? Please let me know if you are interested
> in the configuration files or any other information. I would be grateful if
> somebody can give us a hint which solves our confusion.
> 
> 
> Kind regards
> 
> Siegmar
> 
> 
> ##############################################################################
> #                                                                            #
> # Fachhochschule Fulda         University of Applied Sciences                #
> # FB Angewandte Informatik     Department of Applied Computer Sciences       #
> #                                                                            #
> # Prof. Dr. Siegmar Gross      Tel.: +49 (661) 9640 - 333                    #
> #                              Fax:  +49 (661) 9640 - 349                    #
> # Marquardstr. 35              WWW:  http://www.fh-fulda.de/~gross           #
> #                              E-Mail: siegmar.gross at informatik.fh-fulda.de  #
> # D-36039 Fulda                        sgross at acm.org                        #
> #                                                                            #
> ##############################################################################
> 
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
> 


-- 
wendy palm
Cray Open Software Development, Cray Inc.
wendyp at cray.com, 651-605-9154
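
Added example, not part of either message and not OpenSSH code: a small shell check for the setup discussed in this thread. For each HostKey path in an sshd_config it reports whether the same-named file in a second directory is missing, a symlink to that key, or a copy of it. The function names and state labels are made up for this example, and it assumes whitespace-separated `HostKey <path>` lines with no spaces in paths.

```shell
#!/bin/sh
# Added example: compare the HostKey paths named in an sshd_config with
# same-named files in a second directory (e.g. an NFS-mounted config dir).

# hostkey_paths CONFIG: print each HostKey path from CONFIG, one per line.
hostkey_paths() {
    # The keyword is case-insensitive; commented-out lines do not match.
    awk 'tolower($1) == "hostkey" { print $2 }' "$1"
}

# classify KEYPATH DIR: how does DIR/<basename of KEYPATH> relate to KEYPATH?
classify() {
    key=$1
    twin=$2/$(basename "$key")
    if [ -L "$twin" ]; then
        # Symlink (possibly dangling): does it point at the configured key?
        if [ "$(readlink "$twin")" = "$key" ]; then
            echo "link-to-hostkey"
        else
            echo "link-elsewhere"
        fi
    elif [ ! -e "$twin" ]; then
        echo "missing"
    elif cmp -s "$twin" "$key"; then
        echo "copy"
    else
        echo "different-file"
    fi
}

# audit CONFIG DIR: one "<path> <state>" line per HostKey directive.
audit() {
    hostkey_paths "$1" | while read -r key; do
        printf '%s %s\n' "$key" "$(classify "$key" "$2")"
    done
}

# Usage: sh check.sh /usr/local/etc/ssh/sshd_config /usr/local/etc/ssh
if [ "$#" -eq 2 ]; then
    audit "$1" "$2"
fi
```

Run it as root if the private key files are not readable otherwise, since `cmp` has to read both files to tell a copy from a different file.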



