Author: Brad Cox
Date: 09-12-02 13:41
I'm running FreeBSD on a box colocated with Interland on the opposite coast, so the complication here is that I can't endanger the existing ssh install while enabling openssh.
Problem is that sftp clients connect, then hang once the password is provided, without reporting anything in /var/log/messages. The complication in diagnosing this is that I'm not sure which ssh config files and executables are in play, nor which daemon (sshd or openssh's equivalent) is executing. With both ssh and openssh installed, it is very confusing to know what's going on, particularly since /usr/local/etc contains an ssh subdirectory with several config files/keys, while the same files appear in the parent directory (/usr/local/etc), presumably from earlier install attempts.
To simplify things, I moved ssh* and sftp* from /usr/local/etc and /usr/local/bin to backup directories and reinstalled openssh as follows:
bash-2.04# pkg_add openssh-3.5.tgz
pkg_add: command '[ -f /usr/local/etc/ssh_host_rsa_key ] && [ ! -f /usr/local/etc/ssh/ssh_host_rsa_key ] && ln /usr/local/etc/ssh_host_rsa_key /usr/local/etc/ssh/ssh_host_rsa_key' failed
pkg_add: command '[ -f /usr/local/etc/ssh_host_rsa_key.pub ] && [ ! -f /usr/local/etc/ssh/ssh_host_rsa_key.pub ] && ln /usr/local/etc/ssh_host_rsa_key.pub /usr/local/etc/ssh/ssh_host_rsa_key.pub' failed
pkg_add: command '[ ! -f /usr/local/etc/ssh/ssh_config ] && cp /usr/local/etc/ssh/ssh_config-dist /usr/local/etc/ssh/ssh_config' failed
pkg_add: command '[ ! -f /usr/local/etc/ssh/sshd_config ] && cp /usr/local/etc/ssh/sshd_config-dist /usr/local/etc/ssh/sshd_config' failed
>> Generating a secret RSA host key.
Generating public/private rsa key pair.
Your identification has been saved in /usr/local/etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /usr/local/etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
sshd:*:22:22::0:0:sshd privilege separation:/usr/local/empty:/nonexistent
I've no idea what is causing the above errors, nor what to do about them. Since the indicated files do exist in /usr/local/etc/ssh, I'm assuming for now that these errors are spurious.
My current assumption is that the installation was successful, but that sftp connection attempts are failing because the old non-open sshd is still running. I can't endanger this because I need it to connect to this machine.
Can someone provide suggestions about how to proceed?
PS: /usr/local/etc/ssh/sshd_config and /etc/ssh/sshd_config both contain
Subsystem sftp /usr/local/libexec/sftp-server
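
The "failed" lines in the pkg_add output above can come from the guard idiom itself, reproduced here as an added example that is not part of the original post: a command of the form `[ test ] && cmd` exits non-zero whenever the test is false, so a step that was only skipped is reported as failed. Assumptions: the installer runs each command through sh and treats a non-zero exit status as failure, the paths are a constructed scratch directory rather than /usr/local/etc, and the function names are hypothetical; the post does not establish that this is what happened on this machine.

```shell
#!/bin/sh
# Reproduce the install-script guards from the pkg_add output in a scratch
# directory (constructed layout; nothing under /usr/local/etc is touched).

# run_guard CMD: run CMD through sh -c (assumed to match how the installer
# runs it) and print the exit status that the installer would test.
run_guard() {
    rc=0
    sh -c "$1" >/dev/null 2>&1 || rc=$?
    echo "$rc"
}

# make_layout DIR: legacy host keys absent from DIR, config files already
# present in DIR/ssh, matching the state described in the post.
make_layout() {
    mkdir -p "$1/ssh"
    : > "$1/ssh/sshd_config-dist"
    : > "$1/ssh/sshd_config"
}

# Guard 1: link a legacy host key into ssh/ if one exists in the parent dir.
guard_link() {
    run_guard "[ -f $1/ssh_host_rsa_key ] && [ ! -f $1/ssh/ssh_host_rsa_key ] && ln $1/ssh_host_rsa_key $1/ssh/ssh_host_rsa_key"
}

# Guard 2: install the default sshd_config only if none is present.
guard_copy() {
    run_guard "[ ! -f $1/ssh/sshd_config ] && cp $1/ssh/sshd_config-dist $1/ssh/sshd_config"
}

# Same step written so that "nothing to do" exits 0 and only a real cp
# error is non-zero.
guard_copy_fixed() {
    run_guard "[ -f $1/ssh/sshd_config ] || cp $1/ssh/sshd_config-dist $1/ssh/sshd_config"
}

d=$(mktemp -d)
make_layout "$d"
echo "link guard, no legacy key:      exit $(guard_link "$d")"
echo "copy guard, config present:     exit $(guard_copy "$d")"
echo "rewritten guard, config present: exit $(guard_copy_fixed "$d")"
rm -rf "$d"
```

A non-zero status from these guards means only that the test was false; whether the files the daemon needs are in place still has to be checked directly.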