public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ssh: deprecate use of old DSA keys

Browse Source 
They are not safe and shouldn't be used.
This commit is contained in:
Peter Hoeg 2016-10-06 14:37:38 +08:00 committed by Peter Hoeg
parent 2fdfefa2da
commit 65b73d71cb
1 changed files with 2 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
nixos/modules/services/networking/ssh/sshd.nix
View File

@ -363,12 +363,9 @@ in
HostKey ${k.path} HostKey ${k.path}
'')} '')}
# Allow DSA client keys for now. (These were deprecated
# in OpenSSH 7.0.)
PubkeyAcceptedKeyTypes +ssh-dss
# Re-enable DSA host keys for now.
${optionalString supportOldHostKeys '' ${optionalString supportOldHostKeys ''
# Allow DSA keys for now. (deprecated in OpenSSH 7.0)
PubkeyAcceptedKeyTypes +ssh-dss
HostKeyAlgorithms +ssh-dss HostKeyAlgorithms +ssh-dss
''} ''}
''; '';