diff options
Diffstat (limited to 'debian')
-rw-r--r-- | debian/changelog | 4 | ||||
-rw-r--r-- | debian/openssh-server.postinst | 4 | ||||
-rw-r--r-- | debian/openssh-server.postrm | 1 |
3 files changed, 9 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog index c40caf284..b195b6708 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -22,6 +22,10 @@ openssh (1:6.5p1-1) UNRELEASED; urgency=medium | |||
22 | login (closes: #734816). | 22 | login (closes: #734816). |
23 | * Incorporate default path changes from shadow 1:4.0.18.1-8, removing | 23 | * Incorporate default path changes from shadow 1:4.0.18.1-8, removing |
24 | /usr/bin/X11 (closes: #644521). | 24 | /usr/bin/X11 (closes: #644521). |
25 | * Generate ED25519 host keys on fresh installations. Upgraders who wish | ||
26 | to add such host keys should manually add 'HostKey | ||
27 | /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run | ||
28 | 'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'. | ||
25 | 29 | ||
26 | -- Colin Watson <cjwatson@debian.org> Sun, 09 Feb 2014 15:52:14 +0000 | 30 | -- Colin Watson <cjwatson@debian.org> Sun, 09 Feb 2014 15:52:14 +0000 |
27 | 31 | ||
diff --git a/debian/openssh-server.postinst b/debian/openssh-server.postinst index 54dbe13a2..91c757db5 100644 --- a/debian/openssh-server.postinst +++ b/debian/openssh-server.postinst | |||
@@ -84,6 +84,7 @@ host_keys_required() { | |||
84 | echo /etc/ssh/ssh_host_rsa_key | 84 | echo /etc/ssh/ssh_host_rsa_key |
85 | echo /etc/ssh/ssh_host_dsa_key | 85 | echo /etc/ssh/ssh_host_dsa_key |
86 | echo /etc/ssh/ssh_host_ecdsa_key | 86 | echo /etc/ssh/ssh_host_ecdsa_key |
87 | echo /etc/ssh/ssh_host_ed25519_key | ||
87 | fi | 88 | fi |
88 | fi | 89 | fi |
89 | } | 90 | } |
@@ -121,6 +122,8 @@ create_keys() { | |||
121 | "$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa | 122 | "$hostkeys" /etc/ssh/ssh_host_dsa_key -t dsa |
122 | create_key "Creating SSH2 ECDSA key; this may take some time ..." \ | 123 | create_key "Creating SSH2 ECDSA key; this may take some time ..." \ |
123 | "$hostkeys" /etc/ssh/ssh_host_ecdsa_key -t ecdsa | 124 | "$hostkeys" /etc/ssh/ssh_host_ecdsa_key -t ecdsa |
125 | create_key "Creating SSH2 ED25519 key; this may take some time ..." \ | ||
126 | "$hostkeys" /etc/ssh/ssh_host_ed25519_key -t ed25519 | ||
124 | } | 127 | } |
125 | 128 | ||
126 | 129 | ||
@@ -176,6 +179,7 @@ Protocol 2 | |||
176 | HostKey /etc/ssh/ssh_host_rsa_key | 179 | HostKey /etc/ssh/ssh_host_rsa_key |
177 | HostKey /etc/ssh/ssh_host_dsa_key | 180 | HostKey /etc/ssh/ssh_host_dsa_key |
178 | HostKey /etc/ssh/ssh_host_ecdsa_key | 181 | HostKey /etc/ssh/ssh_host_ecdsa_key |
182 | HostKey /etc/ssh/ssh_host_ed25519_key | ||
179 | #Privilege Separation is turned on for security | 183 | #Privilege Separation is turned on for security |
180 | UsePrivilegeSeparation yes | 184 | UsePrivilegeSeparation yes |
181 | 185 | ||
diff --git a/debian/openssh-server.postrm b/debian/openssh-server.postrm index 33191522b..88e28a91e 100644 --- a/debian/openssh-server.postrm +++ b/debian/openssh-server.postrm | |||
@@ -13,6 +13,7 @@ case $1 in | |||
13 | rm -f /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub | 13 | rm -f /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_rsa_key.pub |
14 | rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub | 14 | rm -f /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub |
15 | rm -f /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.pub | 15 | rm -f /etc/ssh/ssh_host_ecdsa_key /etc/ssh/ssh_host_ecdsa_key.pub |
16 | rm -f /etc/ssh/ssh_host_ed25519_key /etc/ssh/ssh_host_ed25519_key.pub | ||
16 | rm -f /etc/ssh/sshd_config | 17 | rm -f /etc/ssh/sshd_config |
17 | rm -f /etc/ssh/sshd_not_to_be_run | 18 | rm -f /etc/ssh/sshd_not_to_be_run |
18 | rmdir --ignore-fail-on-non-empty /etc/ssh | 19 | rmdir --ignore-fail-on-non-empty /etc/ssh |