When you start the SSH service, you are prompted could not load host key:/etc/ssh/ssh_host_rsa_key

Source: Internet
Author: User

When you enable the SSH service, you will sometimes see the following prompt:

[email protected]:~#/etc/init.d/ssh Start
* Starting OpenBSD Secure Shell server sshd
Could not load host key:/etc/ssh/ssh_host_rsa_key
Could not load host key:/etc/ssh/ssh_host_dsa_key



There are two tips for Could not load host key:/etc/ssh/ssh_host_rsa_key and Could not load host key:/etc/ssh/ssh_host_dsa_key, if you are connecting from a client is not successful when you go to the server. This is due to the need to have RSA or DSA key authentication in the SSH connection protocol. Therefore, we can use the Ssh-keygen program on the server side to generate a pair of public/private key pairs

Run the following command:


[Email protected]:/etc/ssh# ssh-keygen-t rsa-b 2048-f/etc/ssh/ssh_host_rsa_key
Generating public/private RSA key pair.
Enter passphrase (empty for no passphrase): #直接回车即可
Enter same Passphrase again:
Your identification has been saved In/etc/ssh/ssh_host_rsa_key.
Your public key has been saved in/etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
3b:a4:b8:df:a9:15:d1:62:df:d5:d1:41:50:59:4a:96 [email protected]
The key ' s Randomart image is:
+--[RSA 2048]----+
| .***|
|   . oe+o|
|   + . O. |
| . + .   . |
| S.    . |
| . o O |
| . . +        |
| . o O |
| .. o.o |
+-----------------+


In the Ssh-keygen command above, the-t option indicates the type of encryption used to generate the key, the RSA is selected, and the-B option represents the bit, followed by an integer that represents the number of encrypted bits, the higher the value, the higher the encryption strength; the-f option followed by the key file name to be generated. According to the Sshd_config configuration file under the/etc/ssh directory, the RSA key default identification file name is Ssh_host_rsa_key.

After the command executes successfully, you will see two files generated under/etc/ssh: Ssh_host_rsa_key and Ssh_host_rsa_key.pub, which is the private key and the second is the public key. In this way, when the connection with Putty, the first will be prompted to the server side of the encryption fingerprint has been modified, if the trust point Yes to continue, otherwise disconnected, here is of course choose to trust Yes. Thereafter, the client encrypts the data with the public key and sends it to the server, and the server decrypts it with the private key after it receives the data.

When you start the SSH service, you are prompted could not load host key:/etc/ssh/ssh_host_rsa_key

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.