Issues on sshd host keys

Jesse Armand mnemonic.fx at
Fri Oct 10 20:18:20 EST 2008

> The filename is set prior to being passed to key_load_private(), or You
> would not get the following error message:
> Permissions 0140 for '(null)' are too open.
> It is recommended that your private key files are NOT accessible by others.
> This private key will be ignored.
> bad permissions: ignore key: /path/to/ssh/etc/ssh_host_rsa_key

What do you mean, by the "filename is set" ?

I didn't set any permissions on the files, if there's something to be
set before that, it must be something that was done by the standard

> Is it possible that You tried to compile ssh, applied the patch and then
> tried to recompile ssh without doing a make distclean?

Not exactly, I applied the patch, reautoconf, configure, and make,
everytime I tried to reautoconf / configure, I did make clean, though
not make distclean.

Even though, if I patch the function, by making it to consider the
keys don't have bad permissions, the sshd is still not runnable.

This could be a platform difference or specific situation that only
happens on certain platforms, in this case is arm-apple-darwin, am I
right ?
Though I'm not sure what may cause that, in openssh code.

Or a problem with my built of openssl with libcrypto ?

More information about the openssh-unix-dev mailing list