nixos release notes: document new services.openssh.moduliFile option

2015-06-01 15:20:18 +02:00 · 2015-06-01 15:20:18 +02:00 · 789f20eba8
commit 789f20eba8
parent d4412bf6c4
1 changed files with 11 additions and 0 deletions
--- a/nixos/doc/manual/release-notes/rl-unstable.xml
+++ b/nixos/doc/manual/release-notes/rl-unstable.xml
@ -21,6 +21,17 @@
        below, in the list of backwards-incompatible changes.
      </para>
    </listitem>
+
+    <listitem>
+      <para>
+        Users running an SSH server who worry about the quality of their
+        <literal>/etc/ssh/moduli</literal> file with respect to the <link
+        xlink:href="https://stribika.github.io/2015/01/04/secure-secure-shell.html">vulnerabilities
+        discovered in the Diffie-Hellman key exchange</link> can now replace OpenSSH's
+        default version with one they generated themselves using the new
+        <literal>services.openssh.moduliFile</literal> option.
+      </para>
+    </listitem>
  </itemizedlist>

 </para>