Could not load host key: /etc/ssh/ssh_host_ed25519_key in /var/log/auth.log
You can generate the missing hostkey via:
ssh-keygen -A
ed25519 is a bit faster and more secure. It's not necessary and, aside from logspam, this doesn't have that much effect. You could, indeed, comment out HostKey /etc/ssh/ssh_host_ed25519_key, without much effect. But, at the same time, `ed25519 is a good host-key format to support.
Related videos on Youtube
15 : 25
06 : 51
01 : 55
03 : 54
01 : 26
17 : 23
04 : 51
01 : 25 : 55
aidan
Updated on September 18, 2022Comments
-
aidan over 1 year
I have an Ubuntu 14.04 instance running on AWS.
I was browsing the auth logs (
/var/log/auth.log*), and noticed the following line appearing:Could not load host key: /etc/ssh/ssh_host_ed25519_keyThis line appears between 1k-10k times a day, presumably due to failed hack attempts.
In researching this problem, I came up with a number of questions.
What is the effect of the absence of this key? I can still log in fine with the key provided by AWS. Is it forcing the security of my SSH connections to be downgraded? Has it been disabled on purpose because of security concerns?
I've seen some people suggest that the key wasn't generated correctly during installation, and that I need to regenerate the key with
dpkg-reconfigureorssh-keygen.Alternatively, I've also seen people recommend just commenting out the line:
HostKey /etc/ssh/ssh_host_ed25519_keyin/etc/ssh/sshd_config -
Alan almost 7 yearsAfter that, I also had to restart the ssh service: sudo service ssh restart
-
HeatfanJohn about 6 yearsI had empty files for
dsa,ecdsaanded25519that I had to delete forssh-keygen -Ato do anything
