ssh-keygen key generation failed

Support for security such as Firewalls and securing linux
Post Reply
dbhosttexas
Posts: 11
Joined: 2014/09/23 20:59:25

ssh-keygen key generation failed

Post by dbhosttexas » 2014/09/23 21:03:55

When I run ssh-keygen I get the following error.

rsc_generate_private_key: key generation failed.

I am running CentOS 7 64 bit patched up on VMWare Player (My wife will KILL me if I wipe Windows off the laptop!)

I have run ssh-keygen on physical boxes and KVM based VMs with no problem. I am assuming this is a VMWare related problem, but what do I need to do to fix it?

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

Re: ssh-keygen key generation failed

Post by gerald_clark » 2014/09/24 00:26:21

One possible cause on a VM is a lack of entropy.

fabriziobertocci
Posts: 1
Joined: 2014/10/15 20:38:34

Re: ssh-keygen key generation failed

Post by fabriziobertocci » 2014/10/15 20:44:50

Had exactly the same problem. It took me a while but I found the culprit here.
Probably the real reason of the failure was related to the lack of entropy caused by low performance of the VM.

In my case my laptop have Virtualization disabled in the BIOS settings.

Check your BIOS settings, and see if you can find something related to Virtualization and enable it. Automatically VirtualBox or VMWare should take advantage of the advanced features of your CPU, then when you'll start your Linux VM it will generate correctly the keys and start sshd.

Another reason (still related) could be that your CPU does not have support for virtualization (typical on older machines). In this case there's not much you can do...

Regards,
Fabrizio

aks
Posts: 2925
Joined: 2014/09/20 11:22:14

Re: ssh-keygen key generation failed

Post by aks » 2014/10/16 17:42:57

Entropy can be generated over time with things like moving the mouse clicking things etc..

It's effectivley "randomness".

Regards

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

Re: ssh-keygen key generation failed

Post by gerald_clark » 2014/10/16 20:24:42

But VMs don't have mice and keyboards, and the virtual interface to the host's mouse/keyboard may not generate entropy.

aks
Posts: 2925
Joined: 2014/09/20 11:22:14

Re: ssh-keygen key generation failed

Post by aks » 2014/10/17 16:30:12

All my VMs (KVM, XEN and VMware) have a mouse and keyboard attached.

gerald_clark
Posts: 10642
Joined: 2005/08/05 15:19:54
Location: Northern Illinois, USA

Re: ssh-keygen key generation failed

Post by gerald_clark » 2014/10/17 17:11:13

No, the mouse and keyboard are attached to the host.
Your VMs have a virtual interface through the host.

aks
Posts: 2925
Joined: 2014/09/20 11:22:14

Re: ssh-keygen key generation failed

Post by aks » 2014/10/18 16:53:01

Not in any of my VMs - I have virtualised keyboard and mouse controllers.

scottro
Forum Moderator
Posts: 2434
Joined: 2007/09/03 21:18:09
Location: NYC
Contact:

Re: ssh-keygen key generation failed

Post by scottro » 2014/10/18 18:33:22

Not sure if this will help, but I remember running into a similar issue (though VMs weren't involved)

http://www.howtoforge.com/helping-the-r ... bian-lenny

or something similar was what I used. (I feel as if I found the solution on an ArchLinux forum,but it had to do with rng-tools)
New users should check the FAQ and Read Me First pages

User avatar
WhatsHisName
Posts: 1546
Joined: 2005/12/19 20:21:43
Location: /earth/usa/nj

Re: ssh-keygen key generation failed

Post by WhatsHisName » 2014/10/18 20:30:31

scottro: Yes, configuring rngd to use /dev/urandom instead of /dev/hwrandom should help (see rngd manpage).

After installing either rng-utils (EL5) or rng-tools (EL6/7), you can manually run "rngd -r /dev/urandom" or insert "/sbin/rngd -r /dev/urandom" into /etc/rc.d/rc.local for a more long term fix.

Post Reply

Return to “CentOS 7 - Security Support”