Skip to content

Commit

Permalink
use ECDSA instead of DSA
Browse files Browse the repository at this point in the history
  • Loading branch information
Robert Fisher committed Nov 24, 2024
1 parent 51aa299 commit 18744d0
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions src/brand/ipkg/system-unconfigure
View file
Original file line number Diff line number Diff line change
Expand Up @@ -131,7 +131,7 @@ reset_ssh_config() {
|| bomb "Failed to update PermitRootLogin in $f"
fi
echo "------ Generating new ssh host keys"
for algo in rsa dsa; do
for algo in rsa ecdsa; do
[ -f $ALTROOT/etc/ssh/ssh_host_${algo}_key ] \
&& mv $ALTROOT/etc/ssh/ssh_host_${algo}_key{,.old}
[ -f $ALTROOT/etc/ssh/ssh_host_${algo}_key.pub ] \
Expand All @@ -140,8 +140,8 @@ reset_ssh_config() {
/usr/bin/ssh-keygen -q -t rsa -b 2048 -N '' -C root@unknown \
-f $ALTROOT/etc/ssh/ssh_host_rsa_key \
|| bomb "Failed to create new $ALTROOT/etc/ssh/ssh_host_rsa_key"
/usr/bin/ssh-keygen -q -t dsa -N '' -C root@unknown \
-f $ALTROOT/etc/ssh/ssh_host_dsa_key \
/usr/bin/ssh-keygen -q -t ecdsa -b 521 -N '' -C root@unknown \
-f $ALTROOT/etc/ssh/ssh_host_ecdsa_key \
|| bomb "Failed to create new $ALTROOT/etc/ssh/ssh_host_dsa_key"
rm -f $ALTROOT/etc/ssh/ssh_host_*.old \
|| bomb "Failed to remove old key files"
Expand Down

0 comments on commit 18744d0

Please sign in to comment.