Closed ShapeShifter499 closed 5 years ago
I'm also experiencing an issue converting any OpenSSH host keys generated with "# ssh-keygen -A" using "# dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key /etc/dropbear/dropbear_rsa_host_key"
I do not know if the issue I'm having with 'dropbearconvert' failing to convert any of my OpenSSH host keys is a bug with upstream or a bug caused by the changes in the Arch Linux build.
[root@archiso /]# dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key /etc/dropbear/dropbear_rsa_host_key
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_rsa_key'
And during mkinitcpio generation
[root@archiso /]# mkinitcpio -p linux
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'default'
-> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux.img
==> Starting build: 4.18.14-arch1-1-ARCH
-> Running build hook: [base]
-> Running build hook: [autodetect]
-> Running build hook: [modconf]
-> Running build hook: [block]
-> Running build hook: [filesystems]
-> Running build hook: [keyboard]
-> Running build hook: [fsck]
-> Running build hook: [systemd]
-> Running build hook: [systemd-tool]
convert openssh to dropbear host key: /etc/dropbear/dropbear_rsa_host_key
==> ERROR: command failure (1): dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key /etc/dropbear/dropbear_rsa_host_key
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_rsa_key'
convert openssh to dropbear host key: /etc/dropbear/dropbear_dss_host_key
==> ERROR: command failure (1): dropbearconvert openssh dropbear /etc/ssh/ssh_host_dsa_key /etc/dropbear/dropbear_dss_host_key
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_dsa_key'
convert openssh to dropbear host key: /etc/dropbear/dropbear_ecdsa_host_key
==> ERROR: command failure (1): dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key /etc/dropbear/dropbear_ecdsa_host_key
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_ecdsa_key'
==> Generating module dependencies
==> Creating gzip-compressed initcpio image: /boot/initramfs-linux.img
==> Image generation successful
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'fallback'
-> -k /boot/vmlinuz-linux -c /etc/mkinitcpio.conf -g /boot/initramfs-linux-fallback.img -S autodetect
==> Starting build: 4.18.14-arch1-1-ARCH
-> Running build hook: [base]
-> Running build hook: [modconf]
-> Running build hook: [block]
==> WARNING: Possibly missing firmware for module: aic94xx
==> WARNING: Possibly missing firmware for module: wd719x
-> Running build hook: [filesystems]
-> Running build hook: [keyboard]
-> Running build hook: [fsck]
-> Running build hook: [systemd]
-> Running build hook: [systemd-tool]
==> WARNING: Possibly missing firmware for module: softing_cs
==> WARNING: Possibly missing firmware for module: wcn36xx
==> WARNING: Possibly missing firmware for module: at76c50x_usb
==> WARNING: Possibly missing firmware for module: atmel
==> WARNING: Possibly missing firmware for module: b43
==> WARNING: Possibly missing firmware for module: b43legacy
==> WARNING: Possibly missing firmware for module: ipw2100
==> WARNING: Possibly missing firmware for module: ipw2200
==> WARNING: Possibly missing firmware for module: orinoco_usb
==> WARNING: Possibly missing firmware for module: p54pci
==> WARNING: Possibly missing firmware for module: p54spi
==> WARNING: Possibly missing firmware for module: p54usb
==> WARNING: Possibly missing firmware for module: prism54
==> WARNING: Possibly missing firmware for module: rtl8723ae
==> WARNING: Possibly missing firmware for module: rsi_sdio
==> WARNING: Possibly missing firmware for module: rsi_usb
==> WARNING: Possibly missing firmware for module: zd1201
==> WARNING: Possibly missing firmware for module: zd1211rw
convert openssh to dropbear host key: /etc/dropbear/dropbear_rsa_host_key
==> ERROR: command failure (1): dropbearconvert openssh dropbear /etc/ssh/ssh_host_rsa_key /etc/dropbear/dropbear_rsa_host_key
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_rsa_key'
convert openssh to dropbear host key: /etc/dropbear/dropbear_dss_host_key
==> ERROR: command failure (1): dropbearconvert openssh dropbear /etc/ssh/ssh_host_dsa_key /etc/dropbear/dropbear_dss_host_key
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_dsa_key'
convert openssh to dropbear host key: /etc/dropbear/dropbear_ecdsa_host_key
==> ERROR: command failure (1): dropbearconvert openssh dropbear /etc/ssh/ssh_host_ecdsa_key /etc/dropbear/dropbear_ecdsa_host_key
Error: Unrecognised key type
Error reading key from '/etc/ssh/ssh_host_ecdsa_key'
==> Generating module dependencies
==> Creating gzip-compressed initcpio image: /boot/initramfs-linux-fallback.img
==> Image generation successful
[root@archiso /]#
What helped me was to remove the dsa keys and copy the ecdsa in their place. Afterwards the script went through OK.
Not sure if it solves your problem...
@kolcon I've decided to have separate host keys for both openssh and dropbear on my system. This also forced me to make sure openssh and dropbear were on different ports, but since I use the same auth key everything works well enough.
When setting up mkinitcpio-systemd-tool on a new Arch Linux system I get the below error with generating keys. I see an error with dropbear when mkinitcpio triggers a new key generation. It would seem that the maintainer of the Dropbear ssh package in Arch Linux has removed the option for generating 'dss' and 'dsa' keys. You can see the change for 'dss' at https://git.archlinux.org/svntogit/community.git/commit/trunk?h=packages/dropbear&id=76850552f9eea2289d2c016fe574ededfa9222bf near the bottom. I'm not 100% sure where 'dsa' got disabled and if that was a upstream change or if Arch Linux maintainers did that.