Why Do I Get A Repeating Error Message After Setting The Password?
Prev Chapter 1. General Information Next

Why Do I Get A Repeating Error Message After Setting The Password?

Note

Starting with the 1.2.0 release of the Network Security Toolkit the nstpasswd script will perform some basic sanity checks. It will now force you to specify a different password if attempt to set a password with a invalid length or invalid characters. If you keep your passwords in the range of 6-31 characters and avoid the characters { '%', '-', '\' and '/' }, you should be OK.

We have had some users boot the Network Security Toolkit ISO, set a short (4 character password), log in, and then see a repeating sequence of error messages resembling:

Figure 1.1. Failed to Generate New DSA Key


                     Linux Network Security Toolkit (NST)
                    http://www.networksecuritytoolkit.org/
==========================(Linux Kernel: 2.4.20-31.9)==========================
Welcome to the Linux Network Security Toolkit (NST). This bootable ISO CD is
based on RedHat 9.0 Linux. The toolkit is designed to provide easy access to
best-of-breed Open Source Network Security Applications and should run on most
x86 platforms.

Default NST boot 5.0s: desktop (CDROM SCSI + USB + DHCP-Client + SSHD + HTTPD)
===============================================================================

  [<^F-1> Main] [<^F-2> Configs] [<^F-3> Options] [<^F-4> Help] [<^F-5> Specs]

HIT SPACE BAR TO DISABLE AUTO-BOOT!   NST(v1.0.6): Fri Aug 27 13:18:08 UTC 2004

boot: server NST_PCMCIA 1
Loading vmlnznst.....................
Loading initrdr9.gz.............

... lots more output as it boots ...

You have booted from the public NST ISO image.
You must now specify the root password for this NST session.
Read the FAQ or Using guide if you want to avoid this.
New NST Password: test 2
Retype new password: test
Successfully updated password for 'root' in /etc/shadow
Successfully updated password for 'root' in /etc/httpd/conf/htuser.nst
***ERROR*** failed to generate new DSA keys: '/root/.ssh/id_dsa' for user authes
***ERROR*** failed to generate new DSA keys: '/root/.ssh/id_dsa' for user authes
***ERROR*** failed to generate new DSA keys: '/root/.ssh/id_dsa' for user authes 

... The above error message repeats forever... 3

1

I specified that I wanted to boot my laptop as a server to allow me to capture the boot screen data over a serial port. Since it is a laptop, I included the NST_PCMCIA option to make sure the PCMCIA drivers will be loaded as well. NOTE: Starting with release 1.5.0, the NST_PCMCIA option is no longer required in this situation.

2

The password isn't actually echoed, I just show test here as an example of a bad password (one that is too short).

3

The error messages continue forever. You should reboot (or turn off) the machine at this point.

The short answer to this problem is to choose a password that is at least 6 characters long and to use the standard alphanumeric character sets.

The long answer is that when the Network Security Toolkit boots, it uses the nstpasswd command to set MANY different system related passwords. So, if you try to specify a password that is not long enough, or contains characters which are unacceptable to any of the associated system processes, there will be problems. Passwords that are at least 6 characters long and only contain alphanumeric characters always seem to work (you might want to try running the pwgen utility included in the Network Security Toolkit distribution for some randomly generated suggestions).

Prev Up Next
What is the password? Home How can I Avoid Setting the Password Each Time It Boots?