I have ssh1 on one of my servers, and the other day it was rebooted.
When it restarted the host key was changed! Checking the logs, I see a
message that I do not see on any of the other servers when they are
rebooted:
HiDsshd[88] log: server listening on port 22.
HiDsshd[88] log: RSA key generation complete
I have not encountered this before, so I moved the server off the
network to a "safe" network. I saw no evidence of any connections prior
to this, and the logs are safe since all servers log to a secure log
server. Is this a hack, or is this a normal flaw of ssh1?
