matthew/sonic-buildimage
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[security] Do not generate ssh server keys for non RSA protocols (#2718)

Browse Source
This commit is contained in:
Qi Luo 2019-03-29 15:27:33 -07:00 committed by GitHub
parent 9d6bac567b
commit 9c83b5480d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
files/sshd/host-ssh-keygen.sh
View File

@ -1,10 +1,8 @@
#!/bin/bash #!/bin/bash
set -e
[ -r /etc/ssh/ssh_host_rsa_key ] || { [ -r /etc/ssh/ssh_host_rsa_key ] || {
rm -f /etc/ssh/ssh_host_*_key* rm -f /etc/ssh/ssh_host_*_key*
/usr/bin/ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key /usr/bin/ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key
/usr/bin/ssh-keygen -t dsa -N '' -f /etc/ssh/ssh_host_dsa_key
/usr/bin/ssh-keygen -t rsa1 -N '' -f /etc/ssh/ssh_host_key
/usr/bin/ssh-keygen -t ecdsa -N '' -f /etc/ssh/ssh_host_ecdsa_key
/usr/bin/ssh-keygen -t ed25519 -N '' -f /etc/ssh/ssh_host_ed25519_key
} }