X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Sun, 6 Feb 2011 11:09:57 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: "Could not load host key: /etc/ssh_host_ecdsa_key"
Message-ID: <20110206100957.GB29603@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <19790 DOT 3413 DOT 953737 DOT 283323 AT consult DOT pretender> <19790 DOT 3933 DOT 747842 DOT 759650 AT consult DOT pretender>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <19790.3933.747842.759650@consult.pretender>
User-Agent: Mutt/1.5.21 (2010-09-15)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Feb  5 22:02, Jeffrey J. Kosowsky wrote:
> Jeffrey J. Kosowsky wrote at about 21:54:13 -0500 on Saturday, February 5, 2011:
>  > Just loaded a fresh version of Cygwin-1.7 on a new machine and ran
>  > ssh-host-config without any problems.
>  > 
>  > However it keeps failing to start up.
>  > The log shows:
>  > 	Could not load host key: /etc/ssh_host_ecdsa_key
>  > 
>  > The config file /etc/sshd_config has the lines:
>  > 	#HostKey /etc/ssh_host_dsa_key
>  > 	#HostKey /etc/ssh_host_ecdsa_key
>  > 
>  > This seems quite wrong - both to have the repeated lines and to have
>  > the name 'ecdsa' rather than just straight 'dsa'

Do you read the announcements?  Since 5.7, openssh supports ECDSA keys
per RFC5656.  Those are stored in the key file using the above name.

> Correction it does start up (my problem was that /var/empty was not
> owned by 'root' which on XP seems to be 'SYSTEM')
> 
> However, I still am curious to the naming and repetition of the
> HostKey and it still does generate errors in the log...

sshd tries to load this key by default, but it's missing in your setup,
that's why you get a warning from sshd.

Re-run the latest ssh-host-config script from the openssh-5.8p1
package.  You'll see a line like

  *** Info: Generating /etc/ssh_host_ecdsa_key

Afterwards, just answer "no" to all questions.  Alternatively, you can
create the key manually:

  ssh-keygen -t ecdsa -f /etc/ssh_host_ecdsa_key -N ''

In both cases, make sure the files belong to the user running the sshd
service:

  chown cygserver /etc/ssh_host_ecdsa_key*


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple