On Tue, Feb 11, 2014 at 01:26:29AM +0100, Christoph Anton Mitterer wrote: > As far as I'd understand the changelog entry > * Generate ED25519 host keys on fresh installations. Upgraders who wish > to add such host keys should manually add 'HostKey > /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run > 'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'. > for 1:6.5p1-1... > > ED25519 are not created on package upgrades but only fresh installations.
Oops, right. I'll retroactively correct the changelog. (You still need to add the HostKey entry manually on upgrades.) > This does not seem to be the case (I'm generally unsure whether I like > the idea of automatically created keys... since this may also happen in > low entropy situations)... Well, that's why I prefer to do this in the postinst rather than at boot time as some other distributions do, as I think it's much more likely that sufficient entropy will be available when installing packages. Cheers, -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org