10-29-2002
Regen keys
Hi there
I think you may need to regenerate your SSH keys - in my version I do :
/usr/local/bin/ssh-keygen -t rsa1 -f /usr/local/etc/ssh_host_key -N ""
/usr/local/bin/ssh-keygen -t dsa -f /usr/local/etc/ssh_host_dsa_key -N ""
/usr/local/bin/ssh-keygen -t rsa -f /usr/local/etc/ssh_host_rsa_key -N ""
This will ask if you want to overwrite your keys - say yes, then restart sshd. Should resolve your new ssl installation. If this doesn't work then get back to me.....
./B
8 More Discussions You Might Find Interesting
1. Solaris
ERROR OpenSSL version mismatch. Built against 908070, you have 9080bf^M
2009.11.20 15:23:25 ERROR Connection closed^M
i am new in solaris,i not have great know in this operative system
Help me how i can fixed this, in the machine has installed Solaris
Machine hardware: ... (1 Reply)
Discussion started by: saurio
1 Replies
2. UNIX for Advanced & Expert Users
All,
I am new to openssl and I have not been able to figure out exactly how to use it. What I need to do is to create a shell script which FTPS's (SFTP is not allowed on my project) a file to a mainframe. The mainframe will not initiate a session with my server.
Question. Are the packages... (7 Replies)
Discussion started by: MichaelInDC
7 Replies
3. Solaris
Hi Peeps,
Having trouble compiling openssl 0.9.8r on Solaris 10 x86. The make test fails when running the shatests (segmentation faults). There is a PROBLEM file that references a file called values.c. Anyone know whereabouts in the source tree you put this file as the file doesn't tell you... (2 Replies)
Discussion started by: callmebob
2 Replies
4. AIX
Gurus,
As per audit recommendation i have installed openssl.base 0.9.8.803 and upgraded openssl from 9.7l to 9.8 as prerequisits. But post these installation ssh fails with below error message.
exec(): 0509-036 Cannot load program ssh because of the following errors:
0509-150 ... (3 Replies)
Discussion started by: newaix
3 Replies
5. Shell Programming and Scripting
I am running a openssl command like this:
openssl s_client -showcerts -connect $fqdn:$portand the result is some ridiculous amount of stuff but i only want to cut out part of the certificate chain. How do i do that? (2 Replies)
Discussion started by: shade917
2 Replies
6. Solaris
Hello
I'm relatively new to technologies like Apache & ssl but have some years
experience with Unix. My question concerns the version of OpenSSL which is
genuinely being used on our server & how is that set.
The server is running Solaris 10. I'll show output from various commands:
... (1 Reply)
Discussion started by: CHoggarth
1 Replies
7. Shell Programming and Scripting
Hi,
I am using openssl as below for encryption of a string ( foo) and I have to pass the password twice for the same.
echo 'foo' | openssl aes-256-cbc -a -salt
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:... (2 Replies)
Discussion started by: 46019
2 Replies
8. Cybersecurity
I just started playing around with Unix's OpenSSL utility. I can't seem to get the hang of it, and the man page isn't helping much. I wanted to experiment with file encryption, so I created a dummy text file with one line of text and tried to encrypt it using DES. I used the following command:
... (2 Replies)
Discussion started by: Ultrix
2 Replies
LEARN ABOUT MOJAVE
ssh-keysign
SSH-KEYSIGN(8) BSD System Manager's Manual SSH-KEYSIGN(8)
NAME
ssh-keysign -- ssh helper program for host-based authentication
SYNOPSIS
ssh-keysign
DESCRIPTION
ssh-keysign is used by ssh(1) to access the local host keys and generate the digital signature required during host-based authentication.
ssh-keysign is disabled by default and can only be enabled in the global client configuration file /etc/ssh/ssh_config by setting
EnableSSHKeysign to ``yes''.
ssh-keysign is not intended to be invoked by the user, but from ssh(1). See ssh(1) and sshd(8) for more information about host-based authen-
tication.
FILES
/etc/ssh/ssh_config
Controls whether ssh-keysign is enabled.
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key
/etc/ssh/ssh_host_rsa_key
These files contain the private parts of the host keys used to generate the digital signature. They should be owned by root, read-
able only by root, and not accessible to others. Since they are readable only by root, ssh-keysign must be set-uid root if host-
based authentication is used.
/etc/ssh/ssh_host_dsa_key-cert.pub
/etc/ssh/ssh_host_ecdsa_key-cert.pub
/etc/ssh/ssh_host_ed25519_key-cert.pub
/etc/ssh/ssh_host_rsa_key-cert.pub
If these files exist they are assumed to contain public certificate information corresponding with the private keys above.
SEE ALSO
ssh(1), ssh-keygen(1), ssh_config(5), sshd(8)
HISTORY
ssh-keysign first appeared in OpenBSD 3.2.
AUTHORS
Markus Friedl <markus@openbsd.org>
BSD
February 17, 2016 BSD