summaryrefslogtreecommitdiff
path: root/sshd_config.5
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2017-01-16 13:53:04 +0000
committerColin Watson <cjwatson@debian.org>2017-03-29 15:32:34 +0100
commit417f561eac9f391661ad23a27f1d711f56566176 (patch)
tree5c722506f7578027cdd1c1e2454d3cc629d5864a /sshd_config.5
parentc210daa1ae77904f57478315e75af3f82a5d69f2 (diff)
Remove ssh_host_dsa_key from HostKey default
The client no longer accepts DSA host keys, and servers using the default HostKey setting should have better host keys available. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2662 Bug-Debian: https://bugs.debian.org/850614 Last-Update: 2017-01-16 Patch-Name: no-dsa-host-key-by-default.patch
Diffstat (limited to 'sshd_config.5')
-rw-r--r--sshd_config.57
1 files changed, 3 insertions, 4 deletions
diff --git a/sshd_config.5 b/sshd_config.5
index cc5d9fb0a..0747cc8b5 100644
--- a/sshd_config.5
+++ b/sshd_config.5
@@ -741,11 +741,10 @@ is not to load any certificates.
741Specifies a file containing a private host key 741Specifies a file containing a private host key
742used by SSH. 742used by SSH.
743The defaults are 743The defaults are
744.Pa /etc/ssh/ssh_host_dsa_key , 744.Pa /etc/ssh/ssh_host_rsa_key ,
745.Pa /etc/ssh/ssh_host_ecdsa_key , 745.Pa /etc/ssh/ssh_host_ecdsa_key
746.Pa /etc/ssh/ssh_host_ed25519_key
747and 746and
748.Pa /etc/ssh/ssh_host_rsa_key . 747.Pa /etc/ssh/ssh_host_ed25519_key .
749.Pp 748.Pp
750Note that 749Note that
751.Xr sshd 8 750.Xr sshd 8