diff options
| author | Colin Watson <cjwatson@debian.org> | 2017-01-16 13:53:04 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2017-03-29 15:32:34 +0100 |
| commit | 417f561eac9f391661ad23a27f1d711f56566176 (patch) | |
| tree | 5c722506f7578027cdd1c1e2454d3cc629d5864a /sshd.8 | |
| parent | c210daa1ae77904f57478315e75af3f82a5d69f2 (diff) | |
Remove ssh_host_dsa_key from HostKey default
The client no longer accepts DSA host keys, and servers using the
default HostKey setting should have better host keys available.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2662
Bug-Debian: https://bugs.debian.org/850614
Last-Update: 2017-01-16
Patch-Name: no-dsa-host-key-by-default.patch
Diffstat (limited to 'sshd.8')
| -rw-r--r-- | sshd.8 | 7 |
1 files changed, 3 insertions, 4 deletions
| @@ -167,11 +167,10 @@ This option must be given if | |||
| 167 | is not run as root (as the normal | 167 | is not run as root (as the normal |
| 168 | host key files are normally not readable by anyone but root). | 168 | host key files are normally not readable by anyone but root). |
| 169 | The default is | 169 | The default is |
| 170 | .Pa /etc/ssh/ssh_host_dsa_key , | 170 | .Pa /etc/ssh/ssh_host_rsa_key , |
| 171 | .Pa /etc/ssh/ssh_host_ecdsa_key , | 171 | .Pa /etc/ssh/ssh_host_ecdsa_key |
| 172 | .Pa /etc/ssh/ssh_host_ed25519_key | ||
| 173 | and | 172 | and |
| 174 | .Pa /etc/ssh/ssh_host_rsa_key . | 173 | .Pa /etc/ssh/ssh_host_ed25519_key . |
| 175 | It is possible to have multiple host key files for | 174 | It is possible to have multiple host key files for |
| 176 | the different host key algorithms. | 175 | the different host key algorithms. |
| 177 | .It Fl i | 176 | .It Fl i |