diff options
author | des <des@FreeBSD.org> | 2016-01-21 11:10:14 +0000 |
---|---|---|
committer | des <des@FreeBSD.org> | 2016-01-21 11:10:14 +0000 |
commit | 65f3eb83cda89352824870422764082e1e79ddc6 (patch) | |
tree | 68bc16f997239878563ea682628098431518c925 /crypto/openssh | |
parent | d53b167ff8aefb8979d11427b151d00ea903b1f8 (diff) | |
download | FreeBSD-src-65f3eb83cda89352824870422764082e1e79ddc6.zip FreeBSD-src-65f3eb83cda89352824870422764082e1e79ddc6.tar.gz |
Enable DSA keys by default. They were disabled in OpenSSH 6.9p1.
Noticed by: glebius
Diffstat (limited to 'crypto/openssh')
-rw-r--r-- | crypto/openssh/myproposal.h | 5 | ||||
-rw-r--r-- | crypto/openssh/ssh_config.5 | 18 | ||||
-rw-r--r-- | crypto/openssh/sshd_config.5 | 18 |
3 files changed, 28 insertions, 13 deletions
diff --git a/crypto/openssh/myproposal.h b/crypto/openssh/myproposal.h index 46e5b98..83fc943 100644 --- a/crypto/openssh/myproposal.h +++ b/crypto/openssh/myproposal.h @@ -1,4 +1,5 @@ /* $OpenBSD: myproposal.h,v 1.47 2015/07/10 06:21:53 markus Exp $ */ +/* $FreeBSD$ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. @@ -99,9 +100,11 @@ HOSTKEY_ECDSA_CERT_METHODS \ "ssh-ed25519-cert-v01@openssh.com," \ "ssh-rsa-cert-v01@openssh.com," \ + "ssh-dss-cert-v01@openssh.com," \ HOSTKEY_ECDSA_METHODS \ "ssh-ed25519," \ - "ssh-rsa" \ + "ssh-rsa," \ + "ssh-dss" /* the actual algorithms */ diff --git a/crypto/openssh/ssh_config.5 b/crypto/openssh/ssh_config.5 index 9111672..5157b87 100644 --- a/crypto/openssh/ssh_config.5 +++ b/crypto/openssh/ssh_config.5 @@ -798,8 +798,10 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-dss-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,ssh-ed25519, +ssh-rsa,ssh-dss .Ed .Pp The @@ -821,8 +823,10 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-dss-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,ssh-ed25519, +ssh-rsa,ssh-dss .Ed .Pp If hostkeys are known for the destination host then this default is modified @@ -1251,8 +1255,10 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-dss-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,ssh-ed25519, +ssh-rsa,ssh-dss .Ed .Pp The diff --git a/crypto/openssh/sshd_config.5 b/crypto/openssh/sshd_config.5 index 2112e95..a9a0a2d 100644 --- a/crypto/openssh/sshd_config.5 +++ b/crypto/openssh/sshd_config.5 @@ -657,8 +657,10 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-dss-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,ssh-ed25519, +ssh-rsa,ssh-dss .Ed .Pp The @@ -752,8 +754,10 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-dss-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,ssh-ed25519, +ssh-rsa,ssh-dss .Ed .Pp The list of available key types may also be obtained using the @@ -1355,8 +1359,10 @@ ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, ssh-rsa-cert-v01@openssh.com, -ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-dss-cert-v01@openssh.com, +ecdsa-sha2-nistp256,ecdsa-sha2-nistp384, +ecdsa-sha2-nistp521,ssh-ed25519, +ssh-rsa,ssh-dss .Ed .Pp The |