Error after upgrade to 2.2-RELEASE: sshd Secure Shell Daemon doesn't start
-
After upgrading to 2.2-RELEASE PFSEnse show this error message:
[ pfSense has started creating missing SSH keys. SSH Startup will be delayed. Please note that reloading the filter rules and changes will be delayed until this operation is completed.]
In Service Status I can see that sshd Secure Shell Daemon is stop. I tryed to restart it but without success.
Now I can't login via ssh.
I generated a new certificate from System > Cert Manager but this doesn't solve the problem.
Can somebody help me?
Thank you.
-
That's not an error and you should just wait till the keys get created as noted in the message. (System > Cert Manager is totally unrelated to SSH keys.)
-
I suspected as much! But the message stay there for more than one week…
-
-
I've the same issue.
I've manually generate the missing certificates
ls -la /etc/ssh total 516 drwxr-xr-x 2 root wheel 512 Feb 7 08:54 . drwxr-xr-x 27 root wheel 4608 Feb 22 22:35 .. -rw-r--r-- 1 root wheel 242153 Jan 22 22:07 moduli -rw-r--r-- 1 root wheel 1647 Jan 22 22:07 ssh_config -rw------- 1 root wheel 668 Feb 7 08:54 ssh_host_dsa_key -rw-r--r-- 1 root wheel 612 Feb 7 08:54 ssh_host_dsa_key.pub -rw------- 1 root wheel 227 Feb 7 08:11 ssh_host_ecdsa_key -rw-r--r-- 1 root wheel 184 Feb 7 08:11 ssh_host_ecdsa_key.pub -rw------- 1 root wheel 419 Feb 7 08:12 ssh_host_ed25519_key -rw-r--r-- 1 root wheel 104 Feb 7 08:12 ssh_host_ed25519_key.pub -rw------- 1 root wheel 1675 Feb 7 08:54 ssh_host_rsa_key -rw-r--r-- 1 root wheel 404 Feb 7 08:54 ssh_host_rsa_key.pub -rw-r--r-- 1 root wheel 445 Feb 22 22:44 sshd_configbut using the start sshd command via web interface doesn't work
I've to start the server by the command
/usr/sbin/sshdAny suggestion?
Thank you in advance
-
I think you should backup your config and reinstall the box from scratch. Restore config after that.
-
SSHD not starting after upgrade due to certificate generation not completing seems to be a common issue. But can usually be resolved one way or another.
https://forum.pfsense.org/index.php?topic=87548.msg481036#msg481036
-
-
The way i solved it.
Connet to pfSense via null-modem cable and Minicom software.
Enter pfSense console.
Check ssh probelm:
/usr/sbin/sshdError messages:
Could not load host key: /etc/ssh/ssh_host_ecdsa_key Could not load host key: /etc/ssh/ssh_host_ed25519_keyGenerate new keys:
cd /etc/ssh ssh-keygen -N '' -t ecdsa -f ssh_host_ecdsa_key ssh-keygen -N '' -t ed25519 -f ssh_host_ed25519_keyStart ssh:
/usr/sbin/sshd -
Thanks orsomannaro
I was able to execute those commands via Diagnostics -> Command Prompt and got it working again.