X-Recipient:	archive-cygwin AT delorie DOT com
X-SWARE-Spam-Status:	No, hits=3.1 required=5.0 tests=BAYES_00,BOTNET,RCVD_IN_DNSWL_NONE
X-Spam-Check-By:	sourceware.org
From:	"Jeffrey J. Kosowsky" <cygwin AT kosowsky DOT org>
MIME-version:	1.0
Message-id:	<19790.46345.325392.221706@consult.pretender>
Date:	Sun, 06 Feb 2011 09:49:45 -0500
To:	cygwin AT cygwin DOT com
Subject:	Re: "Could not load host key: /etc/ssh_host_ecdsa_key"
In-reply-to:	<20110206100957.GB29603@calimero.vinschen.de>
References:	<19790 DOT 3413 DOT 953737 DOT 283323 AT consult DOT pretender> <19790 DOT 3933 DOT 747842 DOT 759650 AT consult DOT pretender> <20110206100957 DOT GB29603 AT calimero DOT vinschen DOT de>
X-IsSubscribed:	yes
Mailing-List:	contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Id:	<cygwin.cygwin.com>
List-Unsubscribe:	<mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe:	<mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive:	<http://sourceware.org/ml/cygwin/>
List-Post:	<mailto:cygwin AT cygwin DOT com>
List-Help:	<mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender:	cygwin-owner AT cygwin DOT com
Mail-Followup-To:	cygwin AT cygwin DOT com
Delivered-To:	mailing list cygwin AT cygwin DOT com

Corinna Vinschen wrote at about 11:09:57 +0100 on Sunday, February 6, 2011:
 > On Feb  5 22:02, Jeffrey J. Kosowsky wrote:
 > > Jeffrey J. Kosowsky wrote at about 21:54:13 -0500 on Saturday, February 5, 2011:
 > >  > Just loaded a fresh version of Cygwin-1.7 on a new machine and ran
 > >  > ssh-host-config without any problems.
 > >  > 
 > >  > However it keeps failing to start up.
 > >  > The log shows:
 > >  > 	Could not load host key: /etc/ssh_host_ecdsa_key
 > >  > 
 > >  > The config file /etc/sshd_config has the lines:
 > >  > 	#HostKey /etc/ssh_host_dsa_key
 > >  > 	#HostKey /etc/ssh_host_ecdsa_key
 > >  > 
 > >  > This seems quite wrong - both to have the repeated lines and to have
 > >  > the name 'ecdsa' rather than just straight 'dsa'
 > 
 > Do you read the announcements?  Since 5.7, openssh supports ECDSA keys
 > per RFC5656.  Those are stored in the key file using the above name.

Unfortunately, I don't have the luxury of reading the announcements on
all pieces of software loaded on all my computers.. :)

 > > However, I still am curious to the naming and repetition of the
 > > HostKey and it still does generate errors in the log...
 > 
 > sshd tries to load this key by default, but it's missing in your setup,
 > that's why you get a warning from sshd.
 > 
 > Re-run the latest ssh-host-config script from the openssh-5.8p1
 > package.  You'll see a line like
 > 
 >   *** Info: Generating /etc/ssh_host_ecdsa_key
 > 
I ran it on 3 new, fresh, blank installs and in all cases it only
generated the usual 3-key pairs:
		ssh_host_key
		ssh_host_rsa_key
		ssh_host_dsa_key

So perhaps the problem is that ssh-host-config is not generating the
new key.
By the way, I was using 5.7p1-1 which was up to date as of late last
week.

 > Afterwards, just answer "no" to all questions.  Alternatively, you can
 > create the key manually:
 > 
 >   ssh-keygen -t ecdsa -f /etc/ssh_host_ecdsa_key -N ''
 > 
 > In both cases, make sure the files belong to the user running the sshd
 > service:
 > 
 >   chown cygserver /etc/ssh_host_ecdsa_key*
 > 
 > 
 > Corinna
 > 
 > -- 
 > Corinna Vinschen                  Please, send mails regarding Cygwin to
 > Cygwin Project Co-Leader          cygwin AT cygwin DOT com
 > Red Hat
 > 
 > --
 > Problem reports:       http://cygwin.com/problems.html
 > FAQ:                   http://cygwin.com/faq/
 > Documentation:         http://cygwin.com/docs.html
 > Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple

- Raw text -