no sshd on new server...

Jon Radel jon at
Mon Nov 16 00:21:26 UTC 2009

Polytropon wrote:
> On Sun, 15 Nov 2009 15:49:33 -0800, Gary Kline <kline at> wrote:
>> 	ok, i have my new server-to-be underway but having problems exec'ing
>> 	/usr/sbin/sshd.  i can ssh out to existing computers, but cannot ssh
>> 	or scp stuff in.  so my question is:  how do i create
>> 	/etc/ssh/ssh_host_dsa_key ?  checking around does no good.
> Maybe I remember incorrectly, but doesn't sshd create this file
> on its first startup?
> Do you have
> 	sshd_enable="YES"
> in /etc/rc.conf? Is sshd running, or do you get error messages
> regarding the host DSA key file?

This is version specific.  If you're really old fashioned (v4, for 
example ;-), you can look in /etc/ for a cookbook:

         case ${sshd_enable} in
                 if [ -x /usr/bin/ssh-keygen ]; then
                         if [ ! -f /etc/ssh/ssh_host_key ]; then
                                 echo ' creating ssh1 RSA host key';
                                 /usr/bin/ssh-keygen -t rsa1 -N "" \
                                         -f /etc/ssh/ssh_host_key
                         if [ ! -f /etc/ssh/ssh_host_rsa_key ]; then
                                 echo ' creating ssh2 RSA host key';
                                 /usr/bin/ssh-keygen -t rsa -N "" \
                                         -f /etc/ssh/ssh_host_rsa_key
                         if [ ! -f /etc/ssh/ssh_host_dsa_key ]; then
                                 echo ' creating ssh2 DSA host key';
                                 /usr/bin/ssh-keygen -t dsa -N "" \
                                         -f /etc/ssh/ssh_host_dsa_key

or just reboot after setting sshd_enable="YES".  In newer versions, 
"/etc/rc.d/sshd start" checks if the files exist and creates any of the 
3 which don't, or you can force this check and creation with 
"/etc/rc.d/sshd keygen".  In all cases that I know of, it's just the 
ssh-keygen program being run on your behalf.


--Jon Radel
jon at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3283 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the freebsd-questions mailing list