This is the mail archive of the cygwin mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: "Could not load host key: /etc/ssh_host_ecdsa_key"


Corinna Vinschen wrote at about 11:09:57 +0100 on Sunday, February 6, 2011:
 > On Feb  5 22:02, Jeffrey J. Kosowsky wrote:
 > > Jeffrey J. Kosowsky wrote at about 21:54:13 -0500 on Saturday, February 5, 2011:
 > >  > Just loaded a fresh version of Cygwin-1.7 on a new machine and ran
 > >  > ssh-host-config without any problems.
 > >  > 
 > >  > However it keeps failing to start up.
 > >  > The log shows:
 > >  > 	Could not load host key: /etc/ssh_host_ecdsa_key
 > >  > 
 > >  > The config file /etc/sshd_config has the lines:
 > >  > 	#HostKey /etc/ssh_host_dsa_key
 > >  > 	#HostKey /etc/ssh_host_ecdsa_key
 > >  > 
 > >  > This seems quite wrong - both to have the repeated lines and to have
 > >  > the name 'ecdsa' rather than just straight 'dsa'
 > 
 > Do you read the announcements?  Since 5.7, openssh supports ECDSA keys
 > per RFC5656.  Those are stored in the key file using the above name.

Unfortunately, I don't have the luxury of reading the announcements on
all pieces of software loaded on all my computers.. :)

 > > However, I still am curious to the naming and repetition of the
 > > HostKey and it still does generate errors in the log...
 > 
 > sshd tries to load this key by default, but it's missing in your setup,
 > that's why you get a warning from sshd.
 > 
 > Re-run the latest ssh-host-config script from the openssh-5.8p1
 > package.  You'll see a line like
 > 
 >   *** Info: Generating /etc/ssh_host_ecdsa_key
 > 
I ran it on 3 new, fresh, blank installs and in all cases it only
generated the usual 3-key pairs:
		ssh_host_key
		ssh_host_rsa_key
		ssh_host_dsa_key

So perhaps the problem is that ssh-host-config is not generating the
new key.
By the way, I was using 5.7p1-1 which was up to date as of late last
week.

 > Afterwards, just answer "no" to all questions.  Alternatively, you can
 > create the key manually:
 > 
 >   ssh-keygen -t ecdsa -f /etc/ssh_host_ecdsa_key -N ''
 > 
 > In both cases, make sure the files belong to the user running the sshd
 > service:
 > 
 >   chown cygserver /etc/ssh_host_ecdsa_key*
 > 
 > 
 > Corinna
 > 
 > -- 
 > Corinna Vinschen                  Please, send mails regarding Cygwin to
 > Cygwin Project Co-Leader          cygwin AT cygwin DOT com
 > Red Hat
 > 
 > --
 > Problem reports:       http://cygwin.com/problems.html
 > FAQ:                   http://cygwin.com/faq/
 > Documentation:         http://cygwin.com/docs.html
 > Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]