From 417f561eac9f391661ad23a27f1d711f56566176 Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Mon, 16 Jan 2017 13:53:04 +0000 Subject: Remove ssh_host_dsa_key from HostKey default The client no longer accepts DSA host keys, and servers using the default HostKey setting should have better host keys available. Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=2662 Bug-Debian: https://bugs.debian.org/850614 Last-Update: 2017-01-16 Patch-Name: no-dsa-host-key-by-default.patch --- servconf.c | 2 -- 1 file changed, 2 deletions(-) (limited to 'servconf.c') diff --git a/servconf.c b/servconf.c index a391cf4b2..1a7a5f182 100644 --- a/servconf.c +++ b/servconf.c @@ -204,8 +204,6 @@ fill_default_server_options(ServerOptions *options) /* fill default hostkeys for protocols */ options->host_key_files[options->num_host_key_files++] = _PATH_HOST_RSA_KEY_FILE; - options->host_key_files[options->num_host_key_files++] = - _PATH_HOST_DSA_KEY_FILE; #ifdef OPENSSL_HAS_ECC options->host_key_files[options->num_host_key_files++] = _PATH_HOST_ECDSA_KEY_FILE; -- cgit v1.2.3