[ale] RE: SSH

Chris Fowler chrisf at computone.com
Wed Dec 29 09:39:30 EST 1999


It seems like I can not start sshd without /etc/ssh_host_key file being
present.

When the file is there sshd starts and generates a 768bit RSA key.  I assume
this would be a public key.

Is it feasible to setup only one ssh_host_key and use it on all systems to
keep from having to distribute the ssh-keygen file to each system and save
some development time?

Thanks,
Chris

-----Original Message-----
 From: Michael H. Warfield [mailto:mhw at wittsend.com]
Sent: Tuesday, December 28, 1999 10:48 PM
To: Chris Fowler
Cc: Michael H. Warfield (E-mail); Louis Zamora
Subject: Re: SSH


On Tue, Dec 28, 1999 at 11:53:25AM -0500, Chris Fowler wrote:
> Michael,

> Louis told me you installed OpenSSH on his cube.  Does that use the
OpenSSL

	No...  I installed ssh 1.2.27 some time ago.  Before OpenSSH was
available.  I need to update that.  Thanks for reminding me.

> library? Does that require a digital certificate license from someone like
> Verisign?  How 

	No.  SSH does not use X.509 certs.  Period.  Verisign has nothing
to do with it.  It can and does use RSA keys, but those are not
certificates.

> does OpenSSH encrypt the data?  Thanks for your input and help.  I'm
looking

	It encrypts it in a mutually agreed upon encryption method.  3DES
is lowest common denominator at this point.  SSH supports Idea but OpenSSH
does not.  Both support 3DES.

> at embedding OpenSSH on some hardware and it is confusing me on if I need
to
> do anything on the outside.

	?!?!?

	I don't quite follow that last bit.

> Chris

	Mike
-- 
 Michael H. Warfield    |  (770) 985-6132   |  mhw at WittsEnd.com
  (The Mad Wizard)      |  (770) 331-2437   |  http://www.wittsend.com/mhw/
  NIC whois:  MHW9      |  An optimist believes we live in the best of all
 PGP Key: 0xDF1DD471    |  possible worlds.  A pessimist is sure of it!
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.






More information about the Ale mailing list