diff options
| author | Colin Watson <cjwatson@debian.org> | 2017-01-16 13:53:04 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2017-10-04 13:54:48 +0100 |
| commit | 922f3a7599d03234b6bb2ffb22a33624e7cf1953 (patch) | |
| tree | 02ddd5fff1b052ae44e3abe85a1eb2651ece4850 /servconf.c | |
| parent | 4847e512c0b94c615b838904a5f139a761bee284 (diff) | |
Remove ssh_host_dsa_key from HostKey default
The client no longer accepts DSA host keys, and servers using the
default HostKey setting should have better host keys available.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2662
Bug-Debian: https://bugs.debian.org/850614
Last-Update: 2017-01-16
Patch-Name: no-dsa-host-key-by-default.patch
Diffstat (limited to 'servconf.c')
| -rw-r--r-- | servconf.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/servconf.c b/servconf.c index b01464059..5e996cf8f 100644 --- a/servconf.c +++ b/servconf.c | |||
| @@ -205,8 +205,6 @@ fill_default_server_options(ServerOptions *options) | |||
| 205 | /* fill default hostkeys for protocols */ | 205 | /* fill default hostkeys for protocols */ |
| 206 | options->host_key_files[options->num_host_key_files++] = | 206 | options->host_key_files[options->num_host_key_files++] = |
| 207 | _PATH_HOST_RSA_KEY_FILE; | 207 | _PATH_HOST_RSA_KEY_FILE; |
| 208 | options->host_key_files[options->num_host_key_files++] = | ||
| 209 | _PATH_HOST_DSA_KEY_FILE; | ||
| 210 | #ifdef OPENSSL_HAS_ECC | 208 | #ifdef OPENSSL_HAS_ECC |
| 211 | options->host_key_files[options->num_host_key_files++] = | 209 | options->host_key_files[options->num_host_key_files++] = |
| 212 | _PATH_HOST_ECDSA_KEY_FILE; | 210 | _PATH_HOST_ECDSA_KEY_FILE; |