Problem with sshd host key checking, for my own build with custom prefix

Jesse Armand mnemonic.fx at gmail.com
Wed Oct 8 12:30:56 EST 2008


Hello openssh developers,

I was building openssh-4.7p, and it builds successfully with my own
prefix (--prefix=/path/to/sshd).
The problem is when I execute sshd, it warns about permission being too open:

hostname:/path root# /path/to/sshd -t -f /path/to/sshd_config
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0534 for '(null)' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /path/to/ssh_host_key
Could not load host key: /path/to/ssh_host_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0536 for '(null)' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /path/to/ssh_host_rsa_key
Could not load host key: /path/to/ssh_host_rsa_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@         WARNING: UNPROTECTED PRIVATE KEY FILE!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0532 for '(null)' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /path/to/ssh_host_dsa_key
Could not load host key: /path/to/ssh_host_dsa_key
Disabling protocol version 1. Could not load host key
sshd: no hostkeys available -- exiting.

These are the host key file permissions:
-rw------- 1 root wheel  672 Oct  7 10:11 ssh_host_dsa_key
-rw-r--r-- 1 root wheel  609 Oct  7 10:11 ssh_host_dsa_key.pub
-rw------- 1 root wheel  982 Oct  7 10:11 ssh_host_key
-rw-r--r-- 1 root wheel  646 Oct  7 10:11 ssh_host_key.pub
-rw------- 1 root wheel 1675 Oct  7 10:11 ssh_host_rsa_key
-rw-r--r-- 1 root wheel  401 Oct  7 10:11 ssh_host_rsa_key.pub

Does anybody know what went wrong?

Other than that, why does sshd check for host keys in
/path/to/ssh, instead of /path/to/ssh/etc, which is the given
sysconfdir?
So I have to manually copy everything to the parent directory.


Jesse Armand
----------------------------------------
(http://jessearm.blogspot.com)

