The build bug: DESTDIR=$SOMEDIR does not work: mkdir ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/etc ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/sbin/sshd -t -f ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/etc/sshd_config Could not load host key: /usr/local/etc/ssh_host_rsa_key Could not load host key: /usr/local/etc/ssh_host_dsa_key Disabling protocol version 2. Could not load host key sshd: no hostkeys available -- exiting. make: [check-config] Error 1 (ignored) (the current version is rooted in /usr, not /usr/local, and these files live in /etc/ssh.) ============= Anyway, the problem that starts it all: http://www.linuxquestions.org/questions/linux-networking-3/connection-refused-on-remoteforward-ed-port-652472/#post3198878 basically, the "RemoteForward" is not working as expected. It works with my client side daemon running 0.9.8c and 0.9.8e (as reported by "ssh", not "sshd"), but not with 0.9.8g. On the server side, I invoke: /usr/bin/ssh -v -q -g -R ${PORT}:localhost:22 -n \ -o BatchMode=yes -o StrictHostKeyChecking=no <home-mach> The only user allowed to ssh in has a shell that does nothing except keep the connection open. On my home machine, I then attempt: ssh -X -p ${PORT} <work-uname>@localhost The result (with "-vv'): OpenSSH_5.0p1, OpenSSL 0.9.8g 19 Oct 2007 debug1: Reading configuration data ${HOME}/.ssh/config debug2: ssh_connect: needpriv 0 debug1: Connecting to localhost [127.0.0.1] port ${PORT}. debug1: connect to address 127.0.0.1 port ${PORT}: Connection refused debug1: Connecting to localhost [::1] port ${PORT}. debug1: connect to address ::1 port ${PORT}: Connection refused ssh: connect to host localhost port ${PORT}: Connection refused =========== Help, please? :)
DESTDIR doesn't replace doing a ./configure --prefix=/path/you/want/ DESTDIR just allows you to do a "make install" into a different place than what the --prefix has defined. - Ben On Mon, 30 Jun 2008, Bruce Korb wrote:> The build bug: DESTDIR=$SOMEDIR does not work: > > mkdir ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/etc > ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/sbin/sshd -t -f > ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/etc/sshd_config > Could not load host key: /usr/local/etc/ssh_host_rsa_key > Could not load host key: /usr/local/etc/ssh_host_dsa_key > Disabling protocol version 2. Could not load host key > sshd: no hostkeys available -- exiting. > make: [check-config] Error 1 (ignored) > > (the current version is rooted in /usr, not /usr/local, and these > files live in /etc/ssh.) > > =============> > Anyway, the problem that starts it all: > > http://www.linuxquestions.org/questions/linux-networking-3/connection-refused-on-remoteforward-ed-port-652472/#post3198878 > > basically, the "RemoteForward" is not working as expected. > It works with my client side daemon running 0.9.8c and 0.9.8e > (as reported by "ssh", not "sshd"), but not with 0.9.8g. On the > server side, I invoke: > > /usr/bin/ssh -v -q -g -R ${PORT}:localhost:22 -n \ > -o BatchMode=yes -o StrictHostKeyChecking=no <home-mach> > > The only user allowed to ssh in has a shell that does nothing except > keep the connection open. > > On my home machine, I then attempt: > > ssh -X -p ${PORT} <work-uname>@localhost > > The result (with "-vv'): > OpenSSH_5.0p1, OpenSSL 0.9.8g 19 Oct 2007 > debug1: Reading configuration data ${HOME}/.ssh/config > debug2: ssh_connect: needpriv 0 > debug1: Connecting to localhost [127.0.0.1] port ${PORT}. > debug1: connect to address 127.0.0.1 port ${PORT}: Connection refused > debug1: Connecting to localhost [::1] port ${PORT}. > debug1: connect to address ::1 port ${PORT}: Connection refused > ssh: connect to host localhost port ${PORT}: Connection refused > > > ===========> > Help, please? :) > _______________________________________________ > openssh-unix-dev mailing list > openssh-unix-dev at mindrot.org > https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev >
On Tue, Jul 1, 2008 at 2:01 AM, Bruce Korb <bruce.korb at gmail.com> wrote:> The build bug: DESTDIR=$SOMEDIR does not work: > > mkdir ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/etc > ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/sbin/sshd -t -f > ${HOME}/tools/openssh/openssh-5.0p1/_i/usr/local/etc/sshd_config > Could not load host key: /usr/local/etc/ssh_host_rsa_key > Could not load host key: /usr/local/etc/ssh_host_dsa_key > Disabling protocol version 2. Could not load host key > sshd: no hostkeys available -- exiting. > make: [check-config] Error 1 (ignored)That looks like the install worked but the "sshd -t" test failed because sshd did not have permission to read the keys that it's configured to use (via --prefix or --sysconfdir as Ben mentioned). Try "make install-nokeys DESTDIR=foo" instead. [...]> It works with my client side daemon running 0.9.8c and 0.9.8e > (as reported by "ssh", not "sshd"), but not with 0.9.8g.Those are versions of the OpenSSL library that OpenSSH uses. What are the versions of ssh and sshd?> On the server side, I invoke: > > /usr/bin/ssh -v -q -g -R ${PORT}:localhost:22 -n \ > -o BatchMode=yes -o StrictHostKeyChecking=no <home-mach>The output of this command would be interesting (particularly with "-vvv") to see if the remote forwarding request was actually accepted by the server. You could also add "-o ExitOnForwardFailure=yes" to make sure that the tunnel is established.> The only user allowed to ssh in has a shell that does nothing except > keep the connection open.[...] My guess is that the server (ie the thing running sshd) has "AllowTcpForwarding no" in its sshd_config. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.
Apparently Analagous Threads
- [Bug 1463] New: Running nohup sleep 70 & and then exiting shell, hangs ssh
- RemoteForward and dynamically allocated listen port
- [Bug 3140] New: support a token for XDG_RUNTIME_DIR
- [Bug 3609] New: Support the special ${RANDOM} environment variable
- [Bug 3648] New: ssh client blocks itself by leaving unix domain socket alive after user