Hi
I have a problem, and I don't know what I can do, so please guide me.
I installed openssh, and I changed the protocol line to protocol 2, but it can't run:
[root@4r45tzero0 ~]#/etc/rc.d/sshd start
:: Starting Secure Shell Daemon [BUSY]
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting. [FAIL]
Last edited by 4r45tzero0 (2012-07-12 16:10:23)
That's a pretty clear error message. Have you generated a key?
"UNIX is simple and coherent" - Dennis Ritchie; "GNU's Not Unix" - Richard Stallman
Please post your sshd_config
Hi
Yes, I generated a key with this command:
ssh-keygen -b 521 -t ecdsa -C"$(id -un)@$(hostname)-$(date --rfc-3339=date)"
And this is my sshd_config:
https://gist.github.com/3046672
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Could not load host key: /etc/ssh/ssh_host_ecdsa_key
These keys should be generated by "ssh-keygen -A" in /etc/rc.d/sshd. It should work out of the box.
Could you check if they exist? (important things: -rw------- and owner root)
$ ls -la /etc/ssh/ssh_host_rsa_key
-rw------- 1 root root 1675 2012-06-14 23:14 /etc/ssh/ssh_host_rsa_key
Try to run sshd with strace:
sudo strace -f -v -e open rc.d start sshd
You will get a lot of text (you can use '-o /tmp/ssh_log' to save it; man strace). Somewhere near the bottom will be something similar to this:
[pid 7006] open("/etc/ssh/ssh_host_rsa_key", O_RDONLY) = 3
[pid 7006] open("/etc/ssh/ssh_host_dsa_key", O_RDONLY) = 3
[pid 7006] open("/etc/ssh/ssh_host_ecdsa_key", O_RDONLY) = 3
Post your output if you get something different.
And this is my sshd_config:
https://gist.github.com/3046672
Your hostkey entries are commented out...
Your hostkey entries are commented out...
They are by default. AFAIK, HostKey is intended to change their location from the defaults.
He who has no .plan has small finger.
~Confucius on UNIX.
jasonwryan wrote: Your hostkey entries are commented out...
They are by default. AFAIK, HostKey is intended to change their location from the defaults.
You are right. I have them uncommented in all my (working) sshd_configs, but I set that up some time ago now...
So, what should I do?
Last edited by 4r45tzero0 (2012-07-04 19:35:39)
I have them uncommented in all my (working) sshd_configs, but I set that up some time ago now...
I know how that goes! I have a few configs sitting around that have evolved over a period of 6+ years.
Admittedly, when I made the switch to Arch, I ended up accepting most defaults, because I decided that the Arch Way of keeping things simple was probably better for me in the long run. I still have a few samba/sshd tweaks carried over, though.
So, what should I do?
Don't forget that hiciu also suggested running strace and posting the results of that. It might be a good start. Failing that, you could follow jasonwryan's implicit advice and try uncommenting the entries in sshd_config. I suspect that won't change anything, but you won't know if you don't at least try.
Failing that, as suggested earlier, you should check the permissions of your host keys. If they're readable by anyone other than the user sshd(8) is being run as (typically root), sshd will not start. From the man page for sshd_config(5):
HostKey
Specifies a file containing a private host key used by SSH. The default is /etc/ssh/ssh_host_key for protocol version 1, and /etc/ssh/ssh_host_dsa_key, /etc/ssh/ssh_host_ecdsa_key and /etc/ssh/ssh_host_rsa_key for protocol version 2. Note that sshd(8) will refuse to use a file if it is group/world-accessible. It is possible to have multiple host key files. ``rsa1'' keys are used for version 1 and ``dsa'', ``ecdsa'' or ``rsa'' are used for version 2 of the SSH protocol.
Last edited by Zancarius (2012-07-05 18:13:32)
He who has no .plan has small finger.
~Confucius on UNIX.
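The host key checks suggested in this thread (the file exists, is -rw-------, is owned by root, and is not group/world-accessible as sshd_config(5) requires), collected into one script as an added example that is not part of any post. It assumes GNU stat; the function names check_host_key and audit_host_keys are hypothetical.

```sh
#!/bin/sh
# Added example, not from the thread. Assumes GNU stat (coreutils).

# check_host_key FILE [OWNER]
# Prints a one-line verdict and returns 0 only if FILE passes the checks
# named in the thread: present, no group/world access, expected owner.
# The key material itself is not validated.
check_host_key() {
    key=$1
    want_owner=${2:-root}
    if [ ! -s "$key" ]; then
        echo "MISSING   $key (absent or empty)"
        return 1
    fi
    # %a = octal permission bits, %U = owner name
    set -- $(stat -c '%a %U' "$key")
    mode=$1
    owner=$2
    # sshd_config(5), HostKey: sshd refuses a group/world-accessible file
    if [ $(( 0$mode & 077 )) -ne 0 ]; then
        echo "BAD-MODE  $key (mode $mode has group/world bits set)"
        return 1
    fi
    if [ "$owner" != "$want_owner" ]; then
        echo "BAD-OWNER $key (owner $owner, expected $want_owner)"
        return 1
    fi
    echo "OK        $key"
}

# audit_host_keys DIR [OWNER]
# Checks the three protocol 2 default key files under DIR. Returns 0 if at
# least one passes; with none, sshd stops with "no hostkeys available".
audit_host_keys() {
    dir=$1
    usable=0
    for type in rsa dsa ecdsa; do
        if check_host_key "$dir/ssh_host_${type}_key" "${2:-root}"; then
            usable=$((usable + 1))
        fi
    done
    echo "$usable of 3 default host keys usable"
    [ "$usable" -gt 0 ]
}
```

Run as root, `audit_host_keys /etc/ssh` reports each default key path from the error output at the top of the thread.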
I used DuckDuckGo to find this answer, and I used it myself a few days ago on a Debian system, so I know for a fact that this works, http://answers.oreilly.com/topic/62-how … host-keys/
Hope this helps.
output of strace
https://gist.github.com/3070277
Hi
Yes, I generated a key with this command:
ssh-keygen -b 521 -t ecdsa -C"$(id -un)@$(hostname)-$(date --rfc-3339=date)"
And this is my sshd_config:
https://gist.github.com/3046672
I am surprised that no one reads boot scripts and man pages anymore. You can get the hint what's wrong with your setup from man ssh-keygen.
Bottom line: do not mess with host keys -- openssh is smart enough to take care of it. Quick solution:
1. # pacman -Rsn openssh && rm -vfr /etc/ssh && pacman -S openssh && /etc/rc.d/sshd start
2. # vim /etc/ssh/sshd_config
3. # /etc/rc.d/sshd restart
Arch Linux is more than just GNU/Linux -- it's an adventure
pkill -9 systemd
Thanks all of you guys for helping me