openssh reading only SOME ssh1 hostkeys from ssh.com ssh
Ben Lindstrom
mouring at etoh.eviladmin.org
Sat Jun 7 16:39:57 EST 2003
On Sat, 7 Jun 2003, Darren Tucker wrote:
> Phil Dibowitz wrote:
> > However, on a few hosts, openssh has been unable to read the old rsa1
> > key and has claimed:
> >
> > debug1: Unsupported cipher 1 used in key file /etc/ssh/ssh_host_key.
> > Could not load host key: /etc/ssh/ssh_host_key
> >
> > Does anyone know why it is that openssh has this problem only sometimes,
> > and if there is a way to fix it?
>
> I think that's because those keys are encrypted with IDEA, which OpenSSH
> does not support for patent reasons. You can use ssh-keygen *from
> commercial ssh* to convert the keys.
>
That would be my first reaction also, but why would someone put a
passphrase on the ssh_host_key? That does not seem to be a useful
thing to do.
It would be useful to see the key in question (even if I know it may not
be pratical) so we don't have to guess why.
But I agree with Mr Tucker. You may want to see if you can strip
any passphrases from the keys in question.
- Ben
More information about the openssh-unix-dev
mailing list