From: Arne Fitzenreiter Date: Sat, 24 Oct 2015 10:07:29 +0000 (+0200) Subject: ssh: preferre ecdsa cipher again. X-Git-Tag: v2.17-core95~36^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=refs%2Fheads%2Fcore94;p=ipfire-2.x.git ssh: preferre ecdsa cipher again. Previous we had not configured it so the ssh default order was used. Now we define it to disable dsa so we had to give the correct order but in the example cfg rsa is prefered. Signed-off-by: Arne Fitzenreiter --- diff --git a/config/rootfiles/core/94/update.sh b/config/rootfiles/core/94/update.sh index a9c24a5f83..99aa04659c 100644 --- a/config/rootfiles/core/94/update.sh +++ b/config/rootfiles/core/94/update.sh @@ -48,9 +48,10 @@ telinit u # Update SSH configuration sed -i /etc/ssh/sshd_config \ -e 's/^#PermitRootLogin yes$/PermitRootLogin yes/' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$|HostKey /etc/ssh/ssh_host_rsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$|HostKey /etc/ssh/ssh_host_ecdsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$|HostKey /etc/ssh/ssh_host_ed25519_key|' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$|HostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\nHostKey /etc/ssh/ssh_host_rsa_key|' \ # Move away old and unsupported keys mv -f /etc/ssh/ssh_host_dsa_key{,.old} diff --git a/lfs/openssh b/lfs/openssh index 1178d6ff06..0bba1ecd9c 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -91,9 +91,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) -e 's/^#\?LogLevel INFO .*$$/LogLevel INFO/' \ -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$$|HostKey /etc/ssh/ssh_host_rsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$|HostKey /etc/ssh/ssh_host_ecdsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$|HostKey /etc/ssh/ssh_host_ed25519_key|' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$$|HostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\nHostKey /etc/ssh/ssh_host_rsa_key|' \ /etc/ssh/sshd_config @rm -rf $(DIR_APP) @$(POSTBUILD)