Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
- OpenSSH RSA-DSA file reading problem
- Brown Dwarf
September 19, 2003, 6:13 pm
rate this thread
I am quite new to ssh so please fogive me for these basic
I downloaded and compiled OpenSSH files and trying to test it
now. After doing a "make install", I find a few ssh_xxxx files are
copied to my /usr/local/etc folder. This includes the ssh_config file,
dsa and rsa key files. There were NO errors while compiling or
installing. I am testing on a Solaris machine.
Now, when I run "ssh -d -d -d", it prints the following error.
"Not a RSA1 key file /usr/local/etc/ssh_host_key_rsa". The same
message for DSA too. Then it generates a new key every time.
I looked in to the code (authfile.c) and it looks like after
opening DSA and RSA key files, it tries to compire the first line of
the file with "SSH PRIVATE KEY FILE FORMAT 1.1" string. This is true
for "ssh_host_keys" file. But in ssh_host_key_rsa and ssh_host_key_dsa
files the first line is "-----BEGIN RSA PRIVATE FILE-----" and
"-----BEGING DSA PRIVATE FILE-----" respectively.
So, why does it still trying to compire with "SSH PRIVATE KEY
FILE FORMAT 1.1" string ?? What do I miss here ??
Please shed some light.
Re: OpenSSH RSA-DSA file reading problem
That's a harmless warning. The code first attempts to load the key
as SSH v1, if it can't you get that warning, then it tries as SSH v2.
The message is a legacy of OpenSSH's history as an SSH1-only
implementation (and, strictly, it's correct since the file isn't a
SSH v1 RSA key).
That's messages like these?
Generating 768 bit RSA key.
RSA key generation complete.
That's not a host key, that's an "ephemeral server key" and it's
perfectly normal. The SSH v1 protocol requires it, and it's generated
anew every time the server is started (and periodically, by default
every hour). Ignore the message (or disable SSH v1, then you won't
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
- » X11 connections via SSH; password messages not seen
- — Next thread in » Secure Shell Forum
- » What's fd 8? Why extra "read(8, 0xFFBEEA17, 1) (sleeping...)"
- — Previous thread in » Secure Shell Forum
- » ssh on command line: force using a group size (prime size) of 1024 (and no...
- — Newest thread in » Secure Shell Forum