Hey guys, good call! yes this is a custom ssh. It's a version that has LPK capabilities (LDAP public keys) included. It is the product of an rpm built from a spec file and tarball that was patched with LPK. [root at LCENT01:~] #rpm -qa | grep ssh openssh-askpass-gnome-5.6p1-7.el5.em2 openssh-askpass-5.6p1-7.el5.em2 openssh-server-5.6p1-7.el5.em2 openssh-5.6p1-7.el5.em2 openssh-debuginfo-5.6p1-7.el5.em2 openssh-clients-5.6p1-7.el5.em2 so yes the speculation that the init script is to blame for this message is to blame for this is a good one. I'm including my init in the hopes that somebody with more experience of / knowledge of init scripts can point me in the right direction. I certainly appreciate your help here. The centos list has gotten me over some pretty brutal humps in the past. best! On Sun, Feb 20, 2011 at 5:42 PM, John R Pierce <pierce at hogranch.com> wrote: > On 02/20/11 2:36 PM, Johnny Hughes wrote: >> Also the following will help determine if you have normal centos >> packages or "something else": >> >> rpm -q initscripts openssh-server >> >> The result should look this for CentOS-5: >> >> initscripts-8.45.30-3.el5.centos >> openssh-server-4.3p2-41.el5_5.1 > > I believe that won't detect if package files have been overwritten by > 'something else'... try... > > # rpm -V initscripts openssh-server > > if all files are unmolested, there should be no output. in my case, > /etc/rc.d/rc.local has been tweaked, so I got... > > # rpm -V initscripts openssh-server > S.5....T c /etc/rc.d/rc.local > > > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B -------------- next part -------------- #!/bin/bash # # Init file for OpenSSH server daemon # # chkconfig: 2345 55 25 # description: OpenSSH server daemon # # processname: sshd # config: /etc/ssh/ssh_host_key # config: /etc/ssh/ssh_host_key.pub # config: /etc/ssh/ssh_random_seed # config: /etc/ssh/sshd_config # pidfile: /var/run/sshd.pid # source function library . /etc/rc.d/init.d/functions # pull in sysconfig settings [ -f /etc/sysconfig/sshd ] && . /etc/sysconfig/sshd RETVAL=0 prog="sshd" # Some functions to make the below more readable KEYGEN=/usr/bin/ssh-keygen SSHD=/usr/sbin/sshd RSA1_KEY=/etc/ssh/ssh_host_key RSA_KEY=/etc/ssh/ssh_host_rsa_key DSA_KEY=/etc/ssh/ssh_host_dsa_key PID_FILE=/var/run/sshd.pid do_rsa1_keygen() { if [ ! -s $RSA1_KEY ]; then echo -n $"Generating SSH1 RSA host key: " if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA1_KEY chmod 644 $RSA1_KEY.pub if [ -x /sbin/restorecon ]; then /sbin/restorecon $RSA1_KEY.pub fi success $"RSA1 key generation" echo else failure $"RSA1 key generation" echo exit 1 fi fi } do_rsa_keygen() { if [ ! -s $RSA_KEY ]; then echo -n $"Generating SSH2 RSA host key: " if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA_KEY chmod 644 $RSA_KEY.pub if [ -x /sbin/restorecon ]; then /sbin/restorecon $RSA_KEY.pub fi success $"RSA key generation" echo else failure $"RSA key generation" echo exit 1 fi fi } do_dsa_keygen() { if [ ! -s $DSA_KEY ]; then echo -n $"Generating SSH2 DSA host key: " if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $DSA_KEY chmod 644 $DSA_KEY.pub if [ -x /sbin/restorecon ]; then /sbin/restorecon $DSA_KEY.pub fi success $"DSA key generation" echo else failure $"DSA key generation" echo exit 1 fi fi } do_restart_sanity_check() { $SSHD -t RETVAL=$? if [ ! "$RETVAL" = 0 ]; then failure $"Configuration file or keys are invalid" echo fi } start() { # Create keys if necessary do_rsa1_keygen do_rsa_keygen do_dsa_keygen echo -n $"Starting $prog:" initlog -c "$SSHD $OPTIONS" && success || failure RETVAL=$? [ "$RETVAL" = 0 ] && touch /var/lock/subsys/sshd echo } stop() { echo -n $"Stopping $prog:" killproc $SSHD -TERM RETVAL=$? [ "$RETVAL" = 0 ] && rm -f /var/lock/subsys/sshd echo } reload() { echo -n $"Reloading $prog:" killproc $SSHD -HUP RETVAL=$? echo } case "$1" in start) start ;; stop) stop ;; restart) stop start ;; reload) reload ;; condrestart) if [ -f /var/lock/subsys/sshd ] ; then do_restart_sanity_check if [ "$RETVAL" = 0 ] ; then stop # avoid race sleep 3 start fi fi ;; status) status $SSHD RETVAL=$? ;; *) echo $"Usage: $0 {start|stop|restart|reload|condrestart|status}" RETVAL=1 esac exit $RETVAL