From 3a6784c065ca6513444f81d073874ff8118c6380 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Sat, 24 Oct 2015 12:07:29 +0200 Subject: [PATCH] ssh: preferre ecdsa cipher again. Previous we had not configured it so the ssh default order was used. Now we define it to disable dsa so we had to give the correct order but in the example cfg rsa is prefered. Signed-off-by: Arne Fitzenreiter --- config/rootfiles/core/94/update.sh | 7 ++++--- lfs/openssh | 7 ++++--- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/config/rootfiles/core/94/update.sh b/config/rootfiles/core/94/update.sh index a9c24a5f83..99aa04659c 100644 --- a/config/rootfiles/core/94/update.sh +++ b/config/rootfiles/core/94/update.sh @@ -48,9 +48,10 @@ telinit u # Update SSH configuration sed -i /etc/ssh/sshd_config \ -e 's/^#PermitRootLogin yes$/PermitRootLogin yes/' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$|HostKey /etc/ssh/ssh_host_rsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$|HostKey /etc/ssh/ssh_host_ecdsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$|HostKey /etc/ssh/ssh_host_ed25519_key|' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$|HostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\nHostKey /etc/ssh/ssh_host_rsa_key|' \ # Move away old and unsupported keys mv -f /etc/ssh/ssh_host_dsa_key{,.old} diff --git a/lfs/openssh b/lfs/openssh index 1178d6ff06..0bba1ecd9c 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -91,9 +91,10 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) -e 's/^#\?LogLevel INFO .*$$/LogLevel INFO/' \ -e 's/^#\?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ -e 's/^#\?PermitRootLogin .*$$/PermitRootLogin yes/' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$$|HostKey /etc/ssh/ssh_host_rsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$|HostKey /etc/ssh/ssh_host_ecdsa_key|' \ - -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$|HostKey /etc/ssh/ssh_host_ed25519_key|' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_dsa_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ecdsa_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_ed25519_key$$||' \ + -e 's|^#\?HostKey /etc/ssh/ssh_host_rsa_key$$|HostKey /etc/ssh/ssh_host_ecdsa_key\nHostKey /etc/ssh/ssh_host_ed25519_key\nHostKey /etc/ssh/ssh_host_rsa_key|' \ /etc/ssh/sshd_config @rm -rf $(DIR_APP) @$(POSTBUILD) -- 2.39.5