This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 2.x development tree".

The branch, master has been updated via d7b82e7ccee811b6a451522734d10bd2b6c6628d (commit) from 38b7997ffdb0b0257a6502e9e531874acd711539 (commit)

Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.

- Log ----------------------------------------------------------------- commit d7b82e7ccee811b6a451522734d10bd2b6c6628d Author: Arne Fitzenreiter arne_f@ipfire.org Date: Thu Oct 22 13:08:27 2015 +0200

openssh: disable dsa key usage.

fixes #10934

Signed-off-by: Arne Fitzenreiter arne_f@ipfire.org

-----------------------------------------------------------------------

Summary of changes: config/rootfiles/core/94/update.sh | 5 ++++- lfs/openssh | 5 ++++- 2 files changed, 8 insertions(+), 2 deletions(-)

Difference in files: diff --git a/config/rootfiles/core/94/update.sh b/config/rootfiles/core/94/update.sh index e6f9cf1..a9c24a5 100644 --- a/config/rootfiles/core/94/update.sh +++ b/config/rootfiles/core/94/update.sh @@ -47,7 +47,10 @@ telinit u

# Update SSH configuration sed -i /etc/ssh/sshd_config \ - -e 's/^#PermitRootLogin yes$/PermitRootLogin yes/' + -e 's/^#PermitRootLogin yes$/PermitRootLogin yes/' \ + -e 's|^#?HostKey /etc/ssh/ssh_host_rsa_key$|HostKey /etc/ssh/ssh_host_rsa_key|' \ + -e 's|^#?HostKey /etc/ssh/ssh_host_ecdsa_key$|HostKey /etc/ssh/ssh_host_ecdsa_key|' \ + -e 's|^#?HostKey /etc/ssh/ssh_host_ed25519_key$|HostKey /etc/ssh/ssh_host_ed25519_key|' \

# Move away old and unsupported keys mv -f /etc/ssh/ssh_host_dsa_key{,.old} diff --git a/lfs/openssh b/lfs/openssh index 22d1de5..1178d6f 100644 --- a/lfs/openssh +++ b/lfs/openssh @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2013 IPFire Team info@ipfire.org # +# Copyright (C) 2007-2015 IPFire Team info@ipfire.org # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -91,6 +91,9 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects)) -e 's/^#?LogLevel INFO .*$$/LogLevel INFO/' \ -e 's/^#?AllowTcpForwarding .*$$/AllowTcpForwarding no/' \ -e 's/^#?PermitRootLogin .*$$/PermitRootLogin yes/' \ + -e 's|^#?HostKey /etc/ssh/ssh_host_rsa_key$$|HostKey /etc/ssh/ssh_host_rsa_key|' \ + -e 's|^#?HostKey /etc/ssh/ssh_host_ecdsa_key$$|HostKey /etc/ssh/ssh_host_ecdsa_key|' \ + -e 's|^#?HostKey /etc/ssh/ssh_host_ed25519_key$$|HostKey /etc/ssh/ssh_host_ed25519_key|' \ /etc/ssh/sshd_config @rm -rf $(DIR_APP) @$(POSTBUILD)

hooks/post-receive -- IPFire 2.x development tree