summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@zip.com.au>2017-12-01 16:55:35 +1100
committerDarren Tucker <dtucker@zip.com.au>2017-12-01 16:55:35 +1100
commit79226e5413c5b0fda3511351a8511ff457e306d8 (patch)
tree07cf5dc0dbbbd03e96e6ce2bb32622569d4a4b39
parent2937dd02c572a12f33d5c334d518f6cbe0b645eb (diff)
Remove RSA1 host key generation.
SSH1 support is now gone, remove SSH1 key generation. Patch from eb at emlix.com.
Diffstat
-rw-r--r--Makefile.in3
-rwxr-xr-xcontrib/redhat/sshd.init1
-rwxr-xr-xcontrib/redhat/sshd.init.old17
-rwxr-xr-xopensshd.init.in4
4 files changed, 0 insertions, 25 deletions
diff --git a/Makefile.in b/Makefile.in
index c52ce191f..2f6f9818e 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -375,9 +375,6 @@ host-key: ssh-keygen$(EXEEXT)
375 fi 375 fi
376 376
377host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT) 377host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT)
378 if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \
379 ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""; \
380 fi
381 ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N "" 378 ./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N ""
382 ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N "" 379 ./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N ""
383 ./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N "" 380 ./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N ""
diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init
index 40c8dfd9f..8ee5fcd3b 100755
--- a/contrib/redhat/sshd.init
+++ b/contrib/redhat/sshd.init
@@ -40,7 +40,6 @@ start()
40 # Create keys if necessary 40 # Create keys if necessary
41 /usr/bin/ssh-keygen -A 41 /usr/bin/ssh-keygen -A
42 if [ -x /sbin/restorecon ]; then 42 if [ -x /sbin/restorecon ]; then
43 /sbin/restorecon /etc/ssh/ssh_host_key.pub
44 /sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub 43 /sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub
45 /sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub 44 /sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub
46 /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub 45 /sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub
diff --git a/contrib/redhat/sshd.init.old b/contrib/redhat/sshd.init.old
index 0deb6080e..8a30f7da4 100755
--- a/contrib/redhat/sshd.init.old
+++ b/contrib/redhat/sshd.init.old
@@ -24,7 +24,6 @@ prog="sshd"
24# Some functions to make the below more readable 24# Some functions to make the below more readable
25KEYGEN=/usr/bin/ssh-keygen 25KEYGEN=/usr/bin/ssh-keygen
26SSHD=/usr/sbin/sshd 26SSHD=/usr/sbin/sshd
27RSA1_KEY=/etc/ssh/ssh_host_key
28RSA_KEY=/etc/ssh/ssh_host_rsa_key 27RSA_KEY=/etc/ssh/ssh_host_rsa_key
29DSA_KEY=/etc/ssh/ssh_host_dsa_key 28DSA_KEY=/etc/ssh/ssh_host_dsa_key
30PID_FILE=/var/run/sshd.pid 29PID_FILE=/var/run/sshd.pid
@@ -61,21 +60,6 @@ my_failure() {
61 ;; 60 ;;
62 esac 61 esac
63} 62}
64do_rsa1_keygen() {
65 if [ ! -s $RSA1_KEY ]; then
66 echo -n "Generating SSH1 RSA host key: "
67 if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
68 chmod 600 $RSA1_KEY
69 chmod 644 $RSA1_KEY.pub
70 my_success "RSA1 key generation"
71 echo
72 else
73 my_failure "RSA1 key generation"
74 echo
75 exit 1
76 fi
77 fi
78}
79do_rsa_keygen() { 63do_rsa_keygen() {
80 if [ ! -s $RSA_KEY ]; then 64 if [ ! -s $RSA_KEY ]; then
81 echo -n "Generating SSH2 RSA host key: " 65 echo -n "Generating SSH2 RSA host key: "
@@ -119,7 +103,6 @@ do_restart_sanity_check() {
119case "$1" in 103case "$1" in
120 start) 104 start)
121 # Create keys if necessary 105 # Create keys if necessary
122 do_rsa1_keygen;
123 do_rsa_keygen; 106 do_rsa_keygen;
124 do_dsa_keygen; 107 do_dsa_keygen;
125 108
diff --git a/opensshd.init.in b/opensshd.init.in
index 3908566b7..99e5a51ab 100755
--- a/opensshd.init.in
+++ b/opensshd.init.in
@@ -17,7 +17,6 @@ PIDFILE=$piddir/sshd.pid
17PidFile=`grep "^PidFile" ${sysconfdir}/sshd_config | tr "=" " " | awk '{print $2}'` 17PidFile=`grep "^PidFile" ${sysconfdir}/sshd_config | tr "=" " " | awk '{print $2}'`
18[ X$PidFile = X ] || PIDFILE=$PidFile 18[ X$PidFile = X ] || PIDFILE=$PidFile
19SSH_KEYGEN=$prefix/bin/ssh-keygen 19SSH_KEYGEN=$prefix/bin/ssh-keygen
20HOST_KEY_RSA1=$sysconfdir/ssh_host_key
21HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key 20HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key
22HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key 21HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key
23@COMMENT_OUT_ECC@HOST_KEY_ECDSA=$sysconfdir/ssh_host_ecdsa_key 22@COMMENT_OUT_ECC@HOST_KEY_ECDSA=$sysconfdir/ssh_host_ecdsa_key
@@ -25,9 +24,6 @@ HOST_KEY_ED25519=$sysconfdir/ssh_host_ed25519_key
25 24
26 25
27checkkeys() { 26checkkeys() {
28@COMMENT_OUT_RSA1@ if [ ! -f $HOST_KEY_RSA1 ]; then
29@COMMENT_OUT_RSA1@ ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
30@COMMENT_OUT_RSA1@ fi
31 if [ ! -f $HOST_KEY_DSA ]; then 27 if [ ! -f $HOST_KEY_DSA ]; then
32 ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N "" 28 ${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
33 fi 29 fi
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-18 11:36:22 +0000