Reloading host keys without sshd restart - SSH


Thread: Reloading host keys without sshd restart

  1. Reloading host keys without sshd restart

    Hi,

    I'm trying to figure out which versions of OpenSSH automatically
    reload server keys (/etc/ssh/ssh_host_{dsa,rsa,}_key) when you change
    them without restarting the sshd daemon.

    I already know that 4.5p1 on GNU/Linux does automatically reload them,
    whereas 3.7.1p2 on HP-UX does not.

    I was searching through the source code of 4.5p1 trying to figure out
    where the reload happens, so that I could grep through all the other
    sources, but I can't figure out where exactly it happens.

    To me it seems like the server keys are loaded just once in the
    main() function of sshd.c into the structure sensitive_data and are
    stored there ever since. Therefore I don't understand the 4.5p1
    behavior.

    Thanks very much for any help

    Ondra Novak


  2. Re: Reloading host keys without sshd restart

    >>>>> "ondrew" == ondrew writes:

    ondrew> Hi, I'm trying to figure out which versions of OpenSSH
    ondrew> automatically reload server keys
    ondrew> (/etc/ssh/ssh_host_{dsa,rsa,}_key) when you change them
    ondrew> without restarting the sshd daemon.

    ondrew> I already know that 4.5p1 on GNU/Linux does automatically
    ondrew> reload them, whereas 3.7.1p2 on HP-UX does not.

    ondrew> I was searching through the source code of 4.5p1 trying to
    ondrew> figure out where the reload happens, so that I could grep
    ondrew> through all the other sources, but I can't figure out where
    ondrew> exactly it happens.

    ondrew> To me it seems like the server keys are loaded just once in
    ondrew> the main() function of sshd.c into the structure sensitive_data
    ondrew> and are stored there ever since. Therefore I don't understand
    ondrew> the 4.5p1 behavior.

    ondrew> Thanks very much for any help

    ondrew> Ondra Novak

    More recent versions of OpenSSH re-exec themselves for each connection.

    --
    Richard Silverman
    res@qoxp.net
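
The difference the reply above points to, as an added example that is not part of the thread and is not OpenSSH code: a toy Python model in which a daemon reads its host key at start-up and then serves a connection either from the copy in memory (fork only) or from a freshly executed process that reads the file again (re-exec). `ToyDaemon`, `rotate_and_connect`, `CHILD` and the key strings are constructed for illustration.

```python
import os
import subprocess
import sys
import tempfile

# Stand-in for a per-connection child started by re-exec: a fresh process
# image that runs its start-up code again, including reading the key file.
CHILD = "import sys; print(open(sys.argv[1]).read().strip())"


class ToyDaemon:
    """Toy listener (hypothetical, not sshd). rexec=False models a daemon
    that only forks; rexec=True models one that re-executes per connection."""

    def __init__(self, key_path, rexec):
        self.key_path = key_path
        self.rexec = rexec
        with open(key_path) as f:  # key is read once, at daemon start-up
            self.key_in_memory = f.read().strip()

    def handle_connection(self):
        """Return the host key this connection would be served with."""
        if not self.rexec:
            # A forked child inherits the parent's memory, so it keeps
            # using whatever key was read when the daemon started.
            return self.key_in_memory
        # A re-executed child starts from scratch and reads the file again.
        out = subprocess.run([sys.executable, "-c", CHILD, self.key_path],
                             capture_output=True, text=True, check=True)
        return out.stdout.strip()


def rotate_and_connect(rexec):
    """Start the toy daemon, replace the key file, then accept a connection."""
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "host_key")
        with open(path, "w") as f:
            f.write("OLD-KEY (constructed)")
        daemon = ToyDaemon(path, rexec)
        with open(path, "w") as f:  # key replaced while the daemon runs
            f.write("NEW-KEY (constructed)")
        return daemon.handle_connection()


if __name__ == "__main__":
    print("fork only:", rotate_and_connect(False))
    print("re-exec  :", rotate_and_connect(True))
```

In the fork-only model a replaced key file has no effect until the daemon itself is restarted, which matters when a host key is being rotated.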

