Installed the Portel Tools OpenSSH for the first time. Using the Co:Z Qiock Install guide.
When I start SSHD, in the temp error log I see:
FOTS2914 zsshGetKeyFromRecord: Certificate validation for key ring 'SSHDAEM/SSHDring' label 'sshdaem-sshd-rsa' failed (53817378). Certificate is expired..
FOTS1438 Could not load host key: SSHDAEM/SSHDring sshdaem-sshd-rsa.
FOTS2378 Disabling protocol version 2. Could not load host key.
FOTS2157 sshd: no hostkeys available -- exiting..
Step 1.8 has you create the SSHD Server keys, which I did (I also deleted the existing ones and recreated).
Step 1.10 has you create the script.
I am guessing the sshd_config needs to be modified, but don't know what to change.
If my guess is correct, what do I need to uncomment out? Otherwise, what might I be missing?
Thanks,
Dennis
Certificate Expired
Re: Certificate Expired
These errors indicate that you have a host key that is loaded into ICSF (that has expired).
This key must be referenced in your /etc/ssh/zos_sshd_config file with a line like:
HostKeyRingLabel="SSHDAEM/SSHDring sshdaem-sshd-rsa"
So, I would remove or comment that line out if you don't want to use this ICSF host key (as it has expired).
This key must be referenced in your /etc/ssh/zos_sshd_config file with a line like:
HostKeyRingLabel="SSHDAEM/SSHDring sshdaem-sshd-rsa"
So, I would remove or comment that line out if you don't want to use this ICSF host key (as it has expired).