Issues on sshd host keys
Jesse Armand
mnemonic.fx at gmail.com
Thu Oct 9 20:01:14 EST 2008
Hello openssh-unix-dev list members,
This is related to my previous post, but I need to ask specific questions.
I'm building openssh with iPhone Toolchain
(http://wikee.iphwn.org/howto:toolchain_on_leopard_aspen) for iPhone
2.1 firmware.
This is not an iPhone mailing list, but probably anyone with deep
knowledge of openssh could give a hint.
So this is what I do:
1. I patch the files using Saurik's patches from
http://svn.telesphoreo.org/trunk/data/openssh
1. I added the appropriate CFLAGS and LDFLAGS for arm-apple-darwin.
2. I changed the path on configure.ac to point to my own build of
libcrypto.a (using http://svn.telesphoreo.org/trunk/data/openssl, with
the same methods).
3. I did autoconf
4. configure --prefix=/path/to/ssh --host=arm-apple-darwin
5. make
6. Since there are some things that have to be done on iPhone in the
makefile script, I did make install on iPhone.
7. when it got to the point of:
root# /path/to/ssh/sshd -t -f /path/to/ssh/etc/sshd_config
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0140 for '(null)' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /path/to/ssh/etc/ssh_host_rsa_key
Could not load host key: /path/to/ssh/etc/ssh_host_rsa_key
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@ WARNING: UNPROTECTED PRIVATE KEY FILE! @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
Permissions 0136 for '(null)' are too open.
It is recommended that your private key files are NOT accessible by others.
This private key will be ignored.
bad permissions: ignore key: /path/to/ssh/etc/ssh_host_dsa_key
Could not load host key: /path/to/ssh/etc/ssh_host_dsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
I'm confused as to why it's pointing to a NULL file ?
Jesse Armand
----------------------------------------
(http://jessearm.blogspot.com)
More information about the openssh-unix-dev
mailing list