[security] Do not generate ssh server keys for non RSA protocols (#2718)
qiluo-msft authored Mar 29, 2019
1 parent 9d6bac5 commit 9c83b54
Showing 1 changed file with 2 additions and 4 deletions.
6 changes: 2 additions & 4 deletions files/sshd/host-ssh-keygen.sh
@@ -1,10 +1,8 @@
#!/bin/bash

set -e

[ -r /etc/ssh/ssh_host_rsa_key ] || {
rm -f /etc/ssh/ssh_host_*_key*
/usr/bin/ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key
/usr/bin/ssh-keygen -t dsa -N '' -f /etc/ssh/ssh_host_dsa_key
/usr/bin/ssh-keygen -t rsa1 -N '' -f /etc/ssh/ssh_host_key
/usr/bin/ssh-keygen -t ecdsa -N '' -f /etc/ssh/ssh_host_ecdsa_key
/usr/bin/ssh-keygen -t ed25519 -N '' -f /etc/ssh/ssh_host_ed25519_key
}
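
Review bot: The `ssh-keygen -t rsa -N '' -f /etc/ssh/ssh_host_rsa_key` line carries no `-b`, so the size of what becomes the only host key depends on the default of whichever OpenSSH build is installed; pass an explicit size (for example `-b 3072` or `-b 4096`) so every image gets the same key strength. The commit title also treats the dsa, rsa1, ecdsa and ed25519 lines alike as "non RSA", although dsa and rsa1 are legacy types while ecdsa and ed25519 are current host key algorithms; a short comment in the script or a sentence in the commit message saying why the latter two are dropped would save a later reader from guessing. Since the guard tests only `/etc/ssh/ssh_host_rsa_key` and then runs `rm -f /etc/ssh/ssh_host_*_key*`, it is also worth stating in that comment that any existing keys of other types are deleted on the next regeneration.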
