OpenSSH RSA-DSA file reading problem

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hello All,
      I am quite new to ssh so please fogive me for these basic

      I downloaded and compiled OpenSSH files and trying to test it
now. After doing a "make install", I find a few ssh_xxxx files are
copied to my /usr/local/etc folder. This includes the ssh_config file,
dsa and rsa key files. There were NO errors while compiling or
installing. I am testing on a Solaris machine.

      Now, when I run "ssh -d -d -d", it prints the following error.
"Not a RSA1 key file /usr/local/etc/ssh_host_key_rsa". The same
message for DSA too. Then it generates a new key every time.

      I looked in to the code (authfile.c) and it looks like after
opening DSA and RSA key files, it tries to compire the first line of
the file with "SSH PRIVATE KEY FILE FORMAT 1.1" string. This is true
for "ssh_host_keys" file. But in ssh_host_key_rsa and ssh_host_key_dsa
files the first line is "-----BEGIN RSA PRIVATE FILE-----" and
"-----BEGING DSA PRIVATE FILE-----" respectively.

       So, why does it still trying to compire with "SSH PRIVATE KEY
FILE FORMAT 1.1" string ?? What do I miss here ??

Please shed some light.


Re: OpenSSH RSA-DSA file reading problem

Quoted text here. Click to load it

That's a harmless warning.  The code first attempts to load the key
as SSH v1, if it can't you get that warning, then it tries as SSH v2.
The message is a legacy of OpenSSH's history as an SSH1-only
implementation (and, strictly, it's correct since the file isn't a
SSH v1 RSA key).

Quoted text here. Click to load it

That's messages like these?
Generating 768 bit RSA key.
RSA key generation complete.

That's not a host key, that's an "ephemeral server key" and it's
perfectly normal.  The SSH v1 protocol requires it, and it's generated
anew every time the server is started (and periodically, by default
every hour).  Ignore the message (or disable SSH v1, then you won't
see it).

Darren Tucker (dtucker at
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

Re: OpenSSH RSA-DSA file reading problem (Brown Dwarf) wrote in message
Quoted text here. Click to load it

Thank you Darren, that was helpful.

Site Timeline