- (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd]

Make example scripts generate keys with default sizes rather than fixed, non-default 1024 bits; patch from imorgan AT nas.nasa.gov
author: Damien Miller <djm@mindrot.org> 2008-11-03 20:16:01 +1100
committer: Damien Miller <djm@mindrot.org> 2008-11-03 20:16:01 +1100
commit: 85dec7346395fcc14887a8cff91b81dc4d2e5304 (patch)
tree: 4bdabab72507a1a82e1b17704518d517721d797e
parent: f4b39538f45a6d8487fff3cf6b9e80e1293da06d (diff)
3 files changed, 12 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index f581613d3..d2f3b1841 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -106,6 +106,9 @@
   - stevesk@cvs.openbsd.org 2008/11/03 02:44:41
     [readconf.c]
     fix comment
+ - (djm) [contrib/caldera/ssh-host-keygen contrib/suse/rc.sshd]
+   Make example scripts generate keys with default sizes rather than fixed,
+   non-default 1024 bits; patch from imorgan AT nas.nasa.gov
 20080906
 - (dtucker) [config.guess config.sub] Update to latest versions from
@@ -4840,4 +4843,4 @@
   OpenServer 6 and add osr5bigcrypt support so when someone migrates
   passwords between UnixWare and OpenServer they will still work. OK dtucker@
-$Id: ChangeLog,v 1.5125 2008/11/03 08:28:21 djm Exp $
+$Id: ChangeLog,v 1.5126 2008/11/03 09:16:01 djm Exp $
diff --git a/contrib/caldera/ssh-host-keygen b/contrib/caldera/ssh-host-keygen
index 3c5c17182..86382ddfb 100755
--- a/contrib/caldera/ssh-host-keygen
+++ b/contrib/caldera/ssh-host-keygen
@@ -1,6 +1,6 @@
 #! /bin/sh
 #
-# $Id: ssh-host-keygen,v 1.2 2003/11/21 12:48:57 djm Exp $
+# $Id: ssh-host-keygen,v 1.3 2008/11/03 09:16:01 djm Exp $
 #
 # This script is normally run only *once* for a given host
 # (in a given period of time) -- on updates/upgrades/recovery
@@ -15,16 +15,16 @@ if [ -f $keydir/ssh_host_key -o \
             -f $keydir/ssh_host_key.pub ]; then
  echo "You already have an SSH1 RSA host key in $keydir/ssh_host_key."
 else
-  echo "Generating 1024 bit SSH1 RSA host key."
+  echo "Generating SSH1 RSA host key."
-  $keygen -b 1024 -t rsa1 -f $keydir/ssh_host_key -C '' -N ''
+  $keygen -t rsa1 -f $keydir/ssh_host_key -C '' -N ''
 fi
 if [ -f $keydir/ssh_host_rsa_key -o \
             -f $keydir/ssh_host_rsa_key.pub ]; then
  echo "You already have an SSH2 RSA host key in $keydir/ssh_host_rsa_key."
 else
-  echo "Generating 1024 bit SSH2 RSA host key."
+  echo "Generating SSH2 RSA host key."
-  $keygen -b 1024 -t rsa -f $keydir/ssh_host_rsa_key -C '' -N ''
+  $keygen -t rsa -f $keydir/ssh_host_rsa_key -C '' -N ''
 fi
 if [ -f $keydir/ssh_host_dsa_key -o \
diff --git a/contrib/suse/rc.sshd b/contrib/suse/rc.sshd
index 573960bfa..4d4880d7e 100644
--- a/contrib/suse/rc.sshd
+++ b/contrib/suse/rc.sshd
@@ -45,17 +45,17 @@ case "$1" in
    start)
        if ! test -f /etc/ssh/ssh_host_key ; then
            echo Generating /etc/ssh/ssh_host_key.
-            ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''
+            ssh-keygen -t rsa1 -f /etc/ssh/ssh_host_key -N ''
        fi
        if ! test -f /etc/ssh/ssh_host_dsa_key ; then
            echo Generating /etc/ssh/ssh_host_dsa_key.
            
-            ssh-keygen -t dsa -b 1024 -f /etc/ssh/ssh_host_dsa_key -N ''
+            ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
        fi
        if ! test -f /etc/ssh/ssh_host_rsa_key ; then
            echo Generating /etc/ssh/ssh_host_rsa_key.
            
-            ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N ''
+            ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
        fi
        echo -n "Starting SSH daemon"
        ## Start daemon with startproc(8). If this fails
author	Damien Miller <djm@mindrot.org>	2008-11-03 20:16:01 +1100
committer	Damien Miller <djm@mindrot.org>	2008-11-03 20:16:01 +1100
commit	85dec7346395fcc14887a8cff91b81dc4d2e5304 (patch)
tree	4bdabab72507a1a82e1b17704518d517721d797e
parent	f4b39538f45a6d8487fff3cf6b9e80e1293da06d (diff)