[bug-notifications] [openssh_client 0004874]: Hostbased authentication per ssh from the host doesn´t work after update openssh to 5.8p2

Mantis Bug Tracker noreply at opencsw.org
Fri Dec 16 20:27:38 CET 2011


A NOTE has been added to this issue. 
====================================================================== 
https://www.opencsw.org/mantis/view.php?id=4874 
====================================================================== 
Reported By:                rrossi
Assigned To:                yann
====================================================================== 
Project:                    openssh_client
Issue ID:                   4874
Category:                   packaging
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     feedback
====================================================================== 
Date Submitted:             2011-12-02 13:17 CET
Last Modified:              2011-12-16 20:27 CET
====================================================================== 
Summary:                    Hostbased authentication  per ssh  from the host
doesn´t work after update  openssh to 5.8p2
Description: 
After upgrade openssh to Version 5.8.p2 Server config and Server Keys are
migrated  from /opt/csw/etc/ssh/ to /etc/opt/csw/ssh .


Hostbased Authentification from this host doesn´t work any more.

Error Output by ssh -vvv    no more client hostkeys for hostbased
authentication.



For hostbased Authentification the Server Keys from Client are needed. 

Problem 
Client Binary ssh searches the keys in /opt/csw/etc/ssh
(strings /opt/csw/bin/ssh | grep ssh_hosts
The couldn´t find it anymore in  /opt/csw/etc/ssh/

pls chang this to the new path to the server-keys


Workaround:

cp ssh_host*keys from /etc/opt/csw/ssh to /opt/csw/etc/ssh






====================================================================== 

---------------------------------------------------------------------- 
 (0009505) yann (manager) - 2011-12-16 20:27
 https://www.opencsw.org/mantis/view.php?id=4874#c9505 
---------------------------------------------------------------------- 
Do you use pkg-get or pkgutil ?

It seems pkg-get/pkgutil doesn't remove the previous openssh package before
installing the new one.

If you use pkg-get, you should better use pkgutil.

If not, could you do a manual update by using directly pkgrm and pkgadd ?



More information about the bug-notifications mailing list