potential sshd gotcha
Konstantin Svist
fry.kun at gmail.com
Tue Jan 22 22:43:12 UTC 2013
On 01/22/2013 02:11 PM, Tom Horsley wrote:
> I spent hours at work today getting sshd to function on
> my desktop which I just switched to booting from the
> fedora 18 partition. I finally discovered this:
>
> [root at zooty ~]# ls -l /etc/ssh
> total 276
> -rw------- 1 root root 245058 Dec 3 11:43 moduli
> -rw-r--r-- 1 root root 2104 Dec 3 11:43 ssh_config
> -r--------. 1 root ssh_keys 668 Dec 5 20:35 ssh_host_dsa_key
> -rw-r--r--. 1 root root 590 Dec 5 20:35 ssh_host_dsa_key.pub
> -r--------. 1 root ssh_keys 963 Dec 5 20:35 ssh_host_key
> -rw-r--r--. 1 root root 627 Dec 5 20:35 ssh_host_key.pub
> -r--------. 1 root ssh_keys 1675 Dec 5 20:35 ssh_host_rsa_key
> -rw-r--r--. 1 root root 382 Dec 5 20:35 ssh_host_rsa_key.pub
> -rw------- 1 root root 4615 Dec 26 14:47 sshd_config
>
> The private key files now want to be group "ssh_keys".
>
> If, like me, you've been copying your /etc/ssh host key files
> from release to release in order to preserve your machine's
> ssh identity, then you may not have the group correct after
> the copy (depending on if you overwrite or replace).
>
> Without the correct group on the hostkey files, every attempt
> at an ssh connection of any kind results in a "connection
> closed" error and much confusion :-).
Thanks, very useful info!
More information about the users
mailing list