From fcece9746ba57dc1a03a5be0367f3f0f2f219f02 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Wed, 28 Apr 2010 22:09:13 +0100 Subject: Drop IDEA key check; I don't think it works properly any more due to textual changes in error output, it's only relevant for direct upgrades from truly ancient versions, and it breaks upgrades if /etc/ssh/ssh_host_key can't be loaded (closes: #579570). --- debian/changelog | 4 ++++ debian/openssh-server.postinst | 15 --------------- 2 files changed, 4 insertions(+), 15 deletions(-) diff --git a/debian/changelog b/debian/changelog index ec6547a36..ba4da7c50 100644 --- a/debian/changelog +++ b/debian/changelog @@ -2,6 +2,10 @@ openssh (1:5.5p1-3) UNRELEASED; urgency=low * Discard error messages while checking whether rsh, rlogin, and rcp alternatives exist (closes: #579285). + * Drop IDEA key check; I don't think it works properly any more due to + textual changes in error output, it's only relevant for direct upgrades + from truly ancient versions, and it breaks upgrades if + /etc/ssh/ssh_host_key can't be loaded (closes: #579570). -- Colin Watson Mon, 26 Apr 2010 23:37:41 +0100 diff --git a/debian/openssh-server.postinst b/debian/openssh-server.postinst index d415f3f0d..325af4ef4 100644 --- a/debian/openssh-server.postinst +++ b/debian/openssh-server.postinst @@ -22,20 +22,6 @@ fix_doc_symlink() { fi } -check_idea_key() { - # check for old host_key files using IDEA, which openssh does not - # support - if [ -f /etc/ssh/ssh_host_key ] ; then - cp -a /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.check_idea - if ssh-keygen -p -N '' -f /etc/ssh/ssh_host_key.check_idea 2>&1 | \ - grep -q 'unknown cipher' 2>/dev/null; then - mv /etc/ssh/ssh_host_key /etc/ssh/ssh_host_key.old - mv /etc/ssh/ssh_host_key.pub /etc/ssh/ssh_host_key.pub.old - fi - rm -f /etc/ssh/ssh_host_key.check_idea - fi -} - get_config_option() { option="$1" @@ -465,7 +451,6 @@ commit_mv_conffile () { fix_doc_symlink create_sshdconfig -check_idea_key create_keys vulnerable_host_keys fix_statoverride -- cgit v1.2.3