tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Keys generated by "/etc/rc.d/sshd"

Greg Troxel wrote:
Adrian Portelli <> writes:

Matthias Scheler wrote:

"/etc/rc.d/sshd" still generates host keys for the SSH protocol version 1.
Would anybody object if I remove that part?

        Kind regards

Support for the SSH protocol v1 has been disabled by default in
sshd_config(5) for a while now.  However, I think it would be nice to
keep the functionality in the rc script.

I like Matthias's suggestion to stop generating v1 keys by default.

Maybe keep it, but just not do it by default ?

How about if


is yes, then it makes v1 keys, and it defaults to no, or isn't in
defaults/rc.conf at all?

Sounds good to me.


Home | Main Index | Thread Index | Old Index