ssh: deprecate use of old DSA keys
They are not safe and shouldn't be used.
This commit is contained in:
parent
2fdfefa2da
commit
65b73d71cb
@ -363,12 +363,9 @@ in
|
||||
HostKey ${k.path}
|
||||
'')}
|
||||
|
||||
# Allow DSA client keys for now. (These were deprecated
|
||||
# in OpenSSH 7.0.)
|
||||
PubkeyAcceptedKeyTypes +ssh-dss
|
||||
|
||||
# Re-enable DSA host keys for now.
|
||||
${optionalString supportOldHostKeys ''
|
||||
# Allow DSA keys for now. (deprecated in OpenSSH 7.0)
|
||||
PubkeyAcceptedKeyTypes +ssh-dss
|
||||
HostKeyAlgorithms +ssh-dss
|
||||
''}
|
||||
'';
|
||||
|
Loading…
Reference in New Issue
Block a user