ssh can't load host keys

Hello,

Today, I came in and found a Kerio firewall warning
that someone from Australia (other side of world)
tried to connect the the sshd process (part of
cygwin). No problem, just deny access. Then I
tried to run "top" and the command was not recognized.
That's weird. xterms don't give me the expected
popup menus when I control-click. I checked the task
manager, and no weird processes except maybe crypserv
and regsvc, both of which can be disabled according
Black Viper (I'll do that as soon as I figure out how).

But the missing "top" was strange enough that I
wiped out the entire c:\cygwin tree and reinstalled
it from scratch. Just to be safe. After quite a
few hours, I had my cygwin environment partway back
to normal, with the top command working.

I stuck with a problem getting sshd to work, following
http://tech.erdelynet.com/cygwin-sshd.html. The
problem starts when I run "ssh-host-config -y". I get
the message

   cygrunsrv: Error installing a service:
         OpenService: Win32 error 1073:
   The specified service already exists.
   Host configuration finished. Have fun!

Funny how I get a cygrunsrv error even though I
haven't reached the cyrunsrv step yet.

I tried rebooting and seeing if sshd was running, and
it wasn't. I ran msconfig, and sure enough, the
services tab shows sshd as a service. But the task
manager shows no sshd. I also checked the Windows
Scheduled Tasks in the Control Panel, which does indeed
launch sshd:

   C:\Cygwin\bin\bash.exe
      --login -i -c "cygrunsrv -S sshd"

So the task exists as a service insofar as
it is *allowed* to act as a service, but
it certainly hadn't been launched. I tried
looking at /var/log/sshd.log:

   Could not load host key: /etc/ssh_host_key
   Could not load host key: /etc/ssh_host_rsa_key
   Could not load host key: /etc/ssh_host_dsa_key
   Disabling protocol version 1. Could not load host key
   Disabling protocol version 2. Could not load host key
   sshd: no hostkeys available -- exiting.

These error messages repeat a few times because I
rebooted a few times. I thought it must be because the
files don't exist, but they do:

-rw-r--r-- 1 Administ mkpasswd 1049 Jun 20 06:07 ssh_config
-rw------- 1 Administ mkpasswd 668 Jun 20 04:08 ssh_host_dsa_key
-rw-r--r-- 1 Administ mkpasswd 608 Jun 20 04:08 ssh_host_dsa_key.pub
-rw------- 1 Administ mkpasswd 533 Jun 20 04:08 ssh_host_key
-rw-r--r-- 1 Administ mkpasswd 337 Jun 20 04:08 ssh_host_key.pub
-rw------- 1 Administ mkpasswd 887 Jun 20 04:08 ssh_host_rsa_key
-rw-r--r-- 1 Administ mkpasswd 228 Jun 20 04:08 ssh_host_rsa_key.pub

I thought the permissions must be tight, so I reinstalled
OpenSSH and repeated "ssh-host-config -y", with the same
outcome (that is, the permissions were the same).

I tried launching "cygrunsrv -S sshd" directly from the
bash command line to see if it got me any closer to a
working sshd process. Instead, I got:

   cygrunsrv: Error starting a service:
      QueryServiceStatus: Win32 error 1062:
      The service has not been started.

Now I'm out of ideas. Thanks if someone could suggest
something. I should add that prior to wiping out c:\Cygwin,
I had to create /etc/passwd using "makepasswd -l". I also
removed the administrator entry from /etc/passwd so as to
allow external access to be limited in power. It worked
fine. It's only now that I reinstalled cygwin and openssh
that I find /etc/passwd already exists without me having
to create it. So I just went in and removed the adminstrator
entry like before.

Speak of the devil. Someone has suggested on the
cygwin mailing list to examine the windows event log to
help debug nonstarting sshd. I will look at it, but
quite unsure of whether I will find the cause that way,
as the log files aren't very friendly to read. Though
apparently, it has the required details to sleuth out
these problems.

Thanks in advance for any ideas.

--
Fred Ma, fma@doe.carleton.ca
Carleton University, Dept. of Electronics
1125 Colonel By Drive, Ottawa, Ontario
Canada, K1S 5B6
--
List Information: http://tech.erdelynet.com/mailman/listinfo/ssh-l/
List Archives:    http://erdelynet.com/archive/ssh-l/
To Unsubscribe: Go to http://tech.erdelynet.com/mailman/listinfo/ssh-l/ and enter your email address at the bottom to "Edit Options". If you don't know your password, have it emailed to you. Then unsubscribe.