SSH Server - Failed $CRYPTO_POLICY

Hello,

One of my server it is stuck!

Code: [Select]

● sshd.service - OpenSSH server daemon
   Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: enabled)
   Active: activating (auto-restart) (Result: exit-code) since Tue 2024-10-01 23:27:07 EEST; 36s ago
     Docs: man:sshd(8)
           man:sshd_config(5)
  Process: 6233 ExecStart=/usr/sbin/sshd -D $OPTIONS $CRYPTO_POLICY (code=exited, status=1/FAILURE)
 Main PID: 6233 (code=exited, status=1/FAILURE)

Oct 01 23:27:07 srv1.localhost systemd[1]: sshd.service: Main process exited, code=exited, status=1/FAILURE
Oct 01 23:27:07 srv1.localhost systemd[1]: sshd.service: Failed with result 'exit-code'.
Oct 01 23:27:07 srv1.localhost systemd[1]: Failed to start OpenSSH server daemon.

SSH Server      Failed       Report Issue

Do you get some errors associated with sshd in /var/log/messages ?

Did you modify

Code: [Select]

/etc/ssh/sshd_config recently ?

Show whole output of "systemctl status sshd.service" and "journalctl -xe".

only 22 port, from 22 to custom one..

Maybe incorrect syntax within /etc/ssh/ssd_config?
Is your custom port open in the CSF firewall?

Did you check /var/log/messages ?

Also, do you use some security addons like SELinux ? What does "sestatus" show ? Run it as root in shell.

*sestatus*: disabled


I solv the problem,

In /var/log/messages i found this log:

Failed to start OpenSSH server deamon
Unable to load host key

After that i type this command:

/usr/bin/ssh-keygen -A

RESTULT was:

ssh-keygen: generating new host key: RSA DSA ECDSA ED...

after that reboot host, and works

 

Excellent !

REMINDER (for all users): The skills "read logs" and "read docs" increases the possibility to fix the problem up to 90% )