[openssh-commits] [openssh] 01/03: Remove RSA1 host key generation.
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Dec 1 17:15:05 AEDT 2017
This is an automated email from the git hooks/post-receive script.
dtucker pushed a commit to branch master
in repository openssh.
commit 79226e5413c5b0fda3511351a8511ff457e306d8
Author: Darren Tucker <dtucker at zip.com.au>
Date: Fri Dec 1 16:55:35 2017 +1100
Remove RSA1 host key generation.
SSH1 support is now gone, remove SSH1 key generation.
Patch from eb at emlix.com.
---
Makefile.in | 3 ---
contrib/redhat/sshd.init | 1 -
contrib/redhat/sshd.init.old | 17 -----------------
opensshd.init.in | 4 ----
4 files changed, 25 deletions(-)
diff --git a/Makefile.in b/Makefile.in
index c52ce191..2f6f9818 100644
--- a/Makefile.in
+++ b/Makefile.in
@@ -375,9 +375,6 @@ host-key: ssh-keygen$(EXEEXT)
fi
host-key-force: ssh-keygen$(EXEEXT) ssh$(EXEEXT)
- if ./ssh -Q protocol-version | grep '^1$$' >/dev/null; then \
- ./ssh-keygen -t rsa1 -f $(DESTDIR)$(sysconfdir)/ssh_host_key -N ""; \
- fi
./ssh-keygen -t dsa -f $(DESTDIR)$(sysconfdir)/ssh_host_dsa_key -N ""
./ssh-keygen -t rsa -f $(DESTDIR)$(sysconfdir)/ssh_host_rsa_key -N ""
./ssh-keygen -t ed25519 -f $(DESTDIR)$(sysconfdir)/ssh_host_ed25519_key -N ""
diff --git a/contrib/redhat/sshd.init b/contrib/redhat/sshd.init
index 40c8dfd9..8ee5fcd3 100755
--- a/contrib/redhat/sshd.init
+++ b/contrib/redhat/sshd.init
@@ -40,7 +40,6 @@ start()
# Create keys if necessary
/usr/bin/ssh-keygen -A
if [ -x /sbin/restorecon ]; then
- /sbin/restorecon /etc/ssh/ssh_host_key.pub
/sbin/restorecon /etc/ssh/ssh_host_rsa_key.pub
/sbin/restorecon /etc/ssh/ssh_host_dsa_key.pub
/sbin/restorecon /etc/ssh/ssh_host_ecdsa_key.pub
diff --git a/contrib/redhat/sshd.init.old b/contrib/redhat/sshd.init.old
index 0deb6080..8a30f7da 100755
--- a/contrib/redhat/sshd.init.old
+++ b/contrib/redhat/sshd.init.old
@@ -24,7 +24,6 @@ prog="sshd"
# Some functions to make the below more readable
KEYGEN=/usr/bin/ssh-keygen
SSHD=/usr/sbin/sshd
-RSA1_KEY=/etc/ssh/ssh_host_key
RSA_KEY=/etc/ssh/ssh_host_rsa_key
DSA_KEY=/etc/ssh/ssh_host_dsa_key
PID_FILE=/var/run/sshd.pid
@@ -61,21 +60,6 @@ my_failure() {
;;
esac
}
-do_rsa1_keygen() {
- if [ ! -s $RSA1_KEY ]; then
- echo -n "Generating SSH1 RSA host key: "
- if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
- chmod 600 $RSA1_KEY
- chmod 644 $RSA1_KEY.pub
- my_success "RSA1 key generation"
- echo
- else
- my_failure "RSA1 key generation"
- echo
- exit 1
- fi
- fi
-}
do_rsa_keygen() {
if [ ! -s $RSA_KEY ]; then
echo -n "Generating SSH2 RSA host key: "
@@ -119,7 +103,6 @@ do_restart_sanity_check() {
case "$1" in
start)
# Create keys if necessary
- do_rsa1_keygen;
do_rsa_keygen;
do_dsa_keygen;
diff --git a/opensshd.init.in b/opensshd.init.in
index 3908566b..99e5a51a 100755
--- a/opensshd.init.in
+++ b/opensshd.init.in
@@ -17,7 +17,6 @@ PIDFILE=$piddir/sshd.pid
PidFile=`grep "^PidFile" ${sysconfdir}/sshd_config | tr "=" " " | awk '{print $2}'`
[ X$PidFile = X ] || PIDFILE=$PidFile
SSH_KEYGEN=$prefix/bin/ssh-keygen
-HOST_KEY_RSA1=$sysconfdir/ssh_host_key
HOST_KEY_DSA=$sysconfdir/ssh_host_dsa_key
HOST_KEY_RSA=$sysconfdir/ssh_host_rsa_key
@COMMENT_OUT_ECC at HOST_KEY_ECDSA=$sysconfdir/ssh_host_ecdsa_key
@@ -25,9 +24,6 @@ HOST_KEY_ED25519=$sysconfdir/ssh_host_ed25519_key
checkkeys() {
- at COMMENT_OUT_RSA1@ if [ ! -f $HOST_KEY_RSA1 ]; then
- at COMMENT_OUT_RSA1@ ${SSH_KEYGEN} -t rsa1 -f ${HOST_KEY_RSA1} -N ""
- at COMMENT_OUT_RSA1@ fi
if [ ! -f $HOST_KEY_DSA ]; then
${SSH_KEYGEN} -t dsa -f ${HOST_KEY_DSA} -N ""
fi
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list