diff options
| author | Colin Watson <cjwatson@debian.org> | 2017-01-16 13:53:04 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2017-10-04 13:54:48 +0100 |
| commit | 922f3a7599d03234b6bb2ffb22a33624e7cf1953 (patch) | |
| tree | 02ddd5fff1b052ae44e3abe85a1eb2651ece4850 /sshd_config.5 | |
| parent | 4847e512c0b94c615b838904a5f139a761bee284 (diff) | |
Remove ssh_host_dsa_key from HostKey default
The client no longer accepts DSA host keys, and servers using the
default HostKey setting should have better host keys available.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2662
Bug-Debian: https://bugs.debian.org/850614
Last-Update: 2017-01-16
Patch-Name: no-dsa-host-key-by-default.patch
Diffstat (limited to 'sshd_config.5')
| -rw-r--r-- | sshd_config.5 | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/sshd_config.5 b/sshd_config.5 index 16be4f628..ef520680f 100644 --- a/sshd_config.5 +++ b/sshd_config.5 | |||
| @@ -749,11 +749,10 @@ is not to load any certificates. | |||
| 749 | Specifies a file containing a private host key | 749 | Specifies a file containing a private host key |
| 750 | used by SSH. | 750 | used by SSH. |
| 751 | The defaults are | 751 | The defaults are |
| 752 | .Pa /etc/ssh/ssh_host_dsa_key , | 752 | .Pa /etc/ssh/ssh_host_rsa_key , |
| 753 | .Pa /etc/ssh/ssh_host_ecdsa_key , | 753 | .Pa /etc/ssh/ssh_host_ecdsa_key |
| 754 | .Pa /etc/ssh/ssh_host_ed25519_key | ||
| 755 | and | 754 | and |
| 756 | .Pa /etc/ssh/ssh_host_rsa_key . | 755 | .Pa /etc/ssh/ssh_host_ed25519_key . |
| 757 | .Pp | 756 | .Pp |
| 758 | Note that | 757 | Note that |
| 759 | .Xr sshd 8 | 758 | .Xr sshd 8 |