summaryrefslogtreecommitdiff
path: root/debian/patches/restore-authorized_keys2.patch
blob: aa6f4cc31a8fee10718c8854efd6f16bb9fd7300 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
From 58390cbd5e07df92729b794beb491f7352b26993 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@debian.org>
Date: Sun, 5 Mar 2017 02:02:11 +0000
Subject: Restore reading authorized_keys2 by default

Upstream seems to intend to gradually phase this out, so don't assume
that this will remain the default forever.  However, we were late in
adopting the upstream sshd_config changes, so it makes sense to extend
the grace period.

Bug-Debian: https://bugs.debian.org/852320
Forwarded: not-needed
Last-Update: 2017-03-05

Patch-Name: restore-authorized_keys2.patch
---
 sshd_config | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/sshd_config b/sshd_config
index 459c1b230..dc0db5706 100644
--- a/sshd_config
+++ b/sshd_config
@@ -38,9 +38,8 @@ Include /etc/ssh/sshd_config.d/*.conf
 
 #PubkeyAuthentication yes
 
-# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
-# but this is overridden so installations will only check .ssh/authorized_keys
-AuthorizedKeysFile	.ssh/authorized_keys
+# Expect .ssh/authorized_keys2 to be disregarded by default in future.
+#AuthorizedKeysFile	.ssh/authorized_keys .ssh/authorized_keys2
 
 #AuthorizedPrincipalsFile none