diff options
Diffstat (limited to 'debian')
| -rw-r--r-- | debian/changelog | 3 | ||||
| -rw-r--r-- | debian/openssh-server.postinst | 4 | ||||
| -rw-r--r-- | debian/openssh-server.postrm | 1 |
3 files changed, 8 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index 84269b035..a2c0f2479 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -22,6 +22,9 @@ openssh (1:5.7p1-1) UNRELEASED; urgency=low | |||
| 22 | temporary directories (closes: #357469, although only if you arrange | 22 | temporary directories (closes: #357469, although only if you arrange |
| 23 | for ssh-agent to actually see $TMPDIR since the setgid bit will cause | 23 | for ssh-agent to actually see $TMPDIR since the setgid bit will cause |
| 24 | it to be stripped off). | 24 | it to be stripped off). |
| 25 | * Generate ECDSA host keys. These will only be used on fresh | ||
| 26 | installations or if you manually add 'HostKey | ||
| 27 | /etc/ssh/ssh_host_ecdsa_key' to /etc/ssh/sshd_config. | ||
| 25 | 28 | ||
| 26 | -- Colin Watson <cjwatson@debian.org> Mon, 24 Jan 2011 12:07:24 +0000 | 29 | -- Colin Watson <cjwatson@debian.org> Mon, 24 Jan 2011 12:07:24 +0000 |
| 27 | 30 | ||
diff --git a/debian/openssh-server.postinst b/debian/openssh-server.postinst index 4ed956454..5c4c79d5c 100644 --- a/debian/openssh-server.postinst +++ b/debian/openssh-server.postinst | |||
| @@ -131,6 +131,7 @@ host_keys_required() { | |||
| 131 | if echo "$protocol" | grep 2 >/dev/null; then | 131 | if echo "$protocol" | grep 2 >/dev/null; then |
| 132 | echo /etc/ssh/ssh_host_rsa_key | 132 | echo /etc/ssh/ssh_host_rsa_key |
| 133 | echo /etc/ssh/ssh_host_dsa_key | 133 | echo /etc/ssh/ssh_host_dsa_key |
| 134 | echo /etc/ssh/ssh_host_ecdsa_key | ||
| 134 | fi | 135 | fi |
| 135 | fi | 136 | fi |
| 136 | } | 137 | } |
| @@ -166,6 +167,8 @@ create_keys() { | |||
| 166 | "$hostkeys" /etc/ssh/ssh_host_rsa_key -t rsa | 167 | "$hostkeys" /etc/ssh/ssh_host_rsa_key -t rsa |
| 167 | create_key "Creating SSH2 DSA key; this may take some time ..." \ | 168 | create_key "Creating SSH2 DSA key; this may take some time ..." \ |
| 168 | "$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa | 169 | "$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa |
| 170 | create_key "Creating SSH2 ECDSA key; this may take some time ..." \ | ||
| 171 | "$hostkeys" /etc/ssh/ssh_host_ecdsa_key -t ecdsa | ||
| 169 | } | 172 | } |
| 170 | 173 | ||
| 171 | 174 | ||
| @@ -303,6 +306,7 @@ Protocol 2 | |||
| 303 | # HostKeys for protocol version 2 | 306 | # HostKeys for protocol version 2 |
| 304 | HostKey /etc/ssh/ssh_host_rsa_key | 307 | HostKey /etc/ssh/ssh_host_rsa_key |
| 305 | HostKey /etc/ssh/ssh_host_dsa_key | 308 | HostKey /etc/ssh/ssh_host_dsa_key |
| 309 | HostKey /etc/ssh/ssh_host_ecdsa_key | ||
| 306 | #Privilege Separation is turned on for security | 310 | #Privilege Separation is turned on for security |
| 307 | UsePrivilegeSeparation yes | 311 | UsePrivilegeSeparation yes |
| 308 | 312 | ||
diff --git a/debian/openssh-server.postrm b/debian/openssh-server.postrm index 7258d5f99..655c1ae17 100644 --- a/debian/openssh-server.postrm +++ b/debian/openssh-server.postrm | |||
| @@ -48,6 +48,7 @@ case $1 in | |||
| 48 | rm -f /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub | 48 | rm -f /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.pub |
| 49 | rm -f /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub | 49 | rm -f /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub |
| 50 | rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub | 50 | rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub |
| 51 | rm -f /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.pub | ||
| 51 | rm -f /etc/ssh/sshd_config | 52 | rm -f /etc/ssh/sshd_config |
| 52 | rm -f /etc/ssh/sshd_not_to_be_run | 53 | rm -f /etc/ssh/sshd_not_to_be_run |
| 53 | rmdir --ignore-fail-on-non-empty /etc/ssh | 54 | rmdir --ignore-fail-on-non-empty /etc/ssh |