In message <[EMAIL PROTECTED]>, Gerry Maddock writes:
>I have ssh1 on one of my servers, and the other day it was rebooted.
>When it restarted the host key was changed! Checking the logs, I see a
>message that I do not see on any of the other servers when they are
>rebooted:
>HiDsshd[88] log: server listening on port 22.
>HiDsshd[88] log: RSA key generation complete
>
>I have not encountered this before, so I moved the server off the
>network to a "safe" network. I saw no evidence of any connections prior
>to this, and the logs are safe since all servers log to a secure log
>server. Is this a hack, or is this a normal flaw of ssh1?
>
>
sshd generates a new secrecy key about once an hour.  The 
authentication key is long-lived, and is used to certify the secrecy 
key.  It's not a flaw, it's a deliberate design feature.

                --Steve Bellovin

