Disable DSA ssh keys by default

[zeripath]

OpenSSH has disabled DSA keys since version 7.0

DSA keys are considered insecure - we should therefore disable these by default. This means we need to turn on minimum key size checks by default too.

Fix #11417

Signed-off-by: Andrew Thornton [email protected]

[zeripath]

We could just go even further and disable DSA keys by default for Gitea

[codecov-io]

Codecov Report

Merging #13056 into master will increase coverage by 0.03%.
The diff coverage is 100.00%.

@@            Coverage Diff             @@
##           master   #13056      +/-   ##
==========================================
+ Coverage   42.59%   42.63%   +0.03%     
==========================================
  Files         672      672              
  Lines       73785    73787       +2     
==========================================
+ Hits        31428    31458      +30     
+ Misses      37260    37233      -27     
+ Partials     5097     5096       -1     

Impacted Files	Coverage Δ
modules/setting/setting.go	47.61% <100.00%> (ø)
modules/queue/unique_queue_disk_channel.go	53.84% <0.00%> (-1.54%)	⬇️
models/error.go	34.85% <0.00%> (+0.50%)	⬆️
modules/git/repo.go	46.70% <0.00%> (+0.50%)	⬆️
cmd/serv.go	2.72% <0.00%> (+0.65%)	⬆️
modules/log/event.go	58.96% <0.00%> (+1.41%)	⬆️
models/ssh_key.go	54.32% <0.00%> (+1.94%)	⬆️
modules/git/utils.go	77.04% <0.00%> (+3.27%)	⬆️
modules/indexer/stats/queue.go	76.47% <0.00%> (+11.76%)	⬆️
modules/log/console.go	66.66% <0.00%> (+13.88%)	⬆️
... and 1 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d492422...390c528. Read the comment docs.

[CirnoT]

Tests need updating TestAddReadOnlyDeployKey