summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/README.Debian28
-rw-r--r--debian/changelog2
2 files changed, 2 insertions, 28 deletions
diff --git a/debian/README.Debian b/debian/README.Debian
index f37cce4b0..00dfea13d 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -49,34 +49,6 @@ incorrect, and feel strongly enough to want to argue about it, then
49send email to debian-ssh@lists.debian.org. I will close bug reports 49send email to debian-ssh@lists.debian.org. I will close bug reports
50claiming the default is incorrect. 50claiming the default is incorrect.
51 51
52SSH now uses protocol 2 by default
53----------------------------------
54
55This means all your keyfiles you used for protocol version 1 need to
56be re-generated. The server keys are done automatically, but for RSA
57authentication, please read the ssh-keygen manpage.
58
59If you have an automatically generated configuration file, and decide
60at a later stage that you do want to support protocol version 1 (not
61recommended, but note that the ssh client shipped with Debian potato
62only supported protocol version 1), then you need to do the following:
63
64Change /etc/ssh/sshd_config such that:
65Protocol 2
66becomes:
67Protocol 2,1
68Also add the line:
69HostKey /etc/ssh/ssh_host_key
70
71If you do not already have an RSA1 host key in /etc/ssh/ssh_host_key,
72you will need to generate one. To do so, run this command as root:
73
74 ssh-keygen -f /etc/ssh/ssh_host_key -N '' -t rsa1
75
76As of openssh-server 1:4.1p1-2, the option to support protocol version 1
77is no longer available via debconf. You must edit the configuration file
78instead.
79
80X11 Forwarding 52X11 Forwarding
81-------------- 53--------------
82 54
diff --git a/debian/changelog b/debian/changelog
index b195b6708..5dc215554 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -26,6 +26,8 @@ openssh (1:6.5p1-1) UNRELEASED; urgency=medium
26 to add such host keys should manually add 'HostKey 26 to add such host keys should manually add 'HostKey
27 /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run 27 /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
28 'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'. 28 'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
29 * Drop long-obsolete "SSH now uses protocol 2 by default" section from
30 README.Debian.
29 31
30 -- Colin Watson <cjwatson@debian.org> Sun, 09 Feb 2014 15:52:14 +0000 32 -- Colin Watson <cjwatson@debian.org> Sun, 09 Feb 2014 15:52:14 +0000
31 33