question about sshd_config

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

I am still a bit of a newb when it comes to sshd security, but I am
attempting to set up a public-key based sshd server for my internal
server network.
The config is as follows:
Port 22
Protocol 2
HostKey /root/CA/sshd_rsa.key
SyslogFacility AUTHPRIV
LogLevel INFO
LoginGraceTime 40s
PermitRootLogin yes
StrictModes no
MaxAuthTries 4
PubkeyAuthentication yes
AuthorizedKeysFile /etc/ssh/int_auth_keys
PasswordAuthentication no
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AllowTCPForwarding yes
X11Forwarding yes
X11DisplayOffset 10
X11UseLocalhost yes
PrintMotd yes
PrintLastLog yes
TCPKeepAlive yes
UsePrivilegeSeparation yes
Compression delayed
ClientAliveInterval 0
ClientAliveCountMax 5
PermitTunnel yes
Banner /etc/ssh/banner
Subsystem sftp   /usr/libexec/openssh/sftp-server
Most of it comes from the stock FC5 sshd_config.  When I try to start
the server it whines about not being able to load /root/CA/sshd_rsa.key
 even though the file exists and is a RSA PRIVATE KEY.
Did I use the wrong command to generate it? ( it was `openssl genrsa
-out <file> 2048` IIRC)
Are there any special tools for generating this key that I could use?

Site Timeline