potential sshd gotcha
Tom Horsley
horsley1953 at gmail.com
Tue Jan 22 22:11:30 UTC 2013
I spent hours at work today getting sshd to function on
my desktop which I just switched to booting from the
fedora 18 partition. I finally discovered this:
[root at zooty ~]# ls -l /etc/ssh
total 276
-rw------- 1 root root 245058 Dec 3 11:43 moduli
-rw-r--r-- 1 root root 2104 Dec 3 11:43 ssh_config
-r--------. 1 root ssh_keys 668 Dec 5 20:35 ssh_host_dsa_key
-rw-r--r--. 1 root root 590 Dec 5 20:35 ssh_host_dsa_key.pub
-r--------. 1 root ssh_keys 963 Dec 5 20:35 ssh_host_key
-rw-r--r--. 1 root root 627 Dec 5 20:35 ssh_host_key.pub
-r--------. 1 root ssh_keys 1675 Dec 5 20:35 ssh_host_rsa_key
-rw-r--r--. 1 root root 382 Dec 5 20:35 ssh_host_rsa_key.pub
-rw------- 1 root root 4615 Dec 26 14:47 sshd_config
The private key files now want to be group "ssh_keys".
If, like me, you've been copying your /etc/ssh host key files
from release to release in order to preserve your machine's
ssh identity, then you may not have the group correct after
the copy (depending on if you overwrite or replace).
Without the correct group on the hostkey files, every attempt
at an ssh connection of any kind results in a "connection
closed" error and much confusion :-).
More information about the users
mailing list