diff options
| author | Ermal <eri@pfsense.org> | 2013-12-05 15:13:07 +0000 |
|---|---|---|
| committer | Ermal <eri@pfsense.org> | 2013-12-05 15:13:07 +0000 |
| commit | 6363a6dec6022d6bf1ee96d1b271bc98ce31d17f (patch) | |
| tree | f2c2a54f23be1b9316d083512b769896e7be5d4f | |
| parent | b6877e065e23856adc9bebcc90db909867afea92 (diff) | |
| download | pfsense-6363a6dec6022d6bf1ee96d1b271bc98ce31d17f.zip pfsense-6363a6dec6022d6bf1ee96d1b271bc98ce31d17f.tar.gz | |
Create even elyptic curve keys
| -rwxr-xr-x | etc/sshd | 4 |
1 files changed, 3 insertions, 1 deletions
@@ -139,6 +139,7 @@ /* mop up from a badly implemented ssh keys -> cf backup */ if($config['ssh']['dsa_key'] <> "") { unset($config['ssh']['dsa_key']); + unset($config['ssh']['ecdsa_key']); unset($config['ssh']['rsa_key']); unset($config['ssh']['rsa1_key']); unset($config['ssh']['dsa']); @@ -154,7 +155,7 @@ } // Check for all needed key files. If any are missing, the keys need to be regenerated. - $files_to_check = array('ssh_host_dsa_key','ssh_host_dsa_key.pub','ssh_host_key','ssh_host_key.pub','ssh_host_rsa_key','ssh_host_rsa_key.pub'); + $files_to_check = array('ssh_host_dsa_key','ssh_host_dsa_key.pub','ssh_host_key','ssh_host_key.pub','ssh_host_rsa_key','ssh_host_rsa_key.pub', 'ssh_host_ecdsa_key', ssh_host_ecdsa_key.pub'); $generate_keys = false; foreach ($files_to_check as $f2c) { if (!file_exists("/etc/ssh/{$f2c}")) { @@ -170,6 +171,7 @@ system("/usr/bin/nice -n20 /usr/bin/ssh-keygen -t rsa1 -N '' -f $sshConfigDir/ssh_host_key"); system("/usr/bin/nice -n20 /usr/bin/ssh-keygen -t rsa -N '' -f $sshConfigDir/ssh_host_rsa_key"); system("/usr/bin/nice -n20 /usr/bin/ssh-keygen -t dsa -N '' -f $sshConfigDir/ssh_host_dsa_key"); + system("/usr/bin/nice -n20 /usr/bin/ssh-keygen -t ecdsa -N '' -f $sshConfigDir/ssh_host_ecdsa_key"); clear_subsystem_dirty('sshdkeys'); file_notice("SSH", "{$g['product_name']} has completed creating your SSH keys. SSH is now started.", "SSH Startup", ""); echo "Starting SSH... "; |
