Bug#738593: marked as done (openssh-server: changelog mis-description, ... upgrades create ed25519 host keys as well)

Tue, 11 Feb 2014 03:27:31 -0800 

Your message dated Tue, 11 Feb 2014 11:22:29 +0000
with message-id <[email protected]>
and subject line Re: Bug#738593: openssh-server: changelog mis-description, ... 
upgrades create ed25519 host keys as well
has caused the Debian Bug report #738593,
regarding openssh-server: changelog mis-description, ... upgrades create 
ed25519 host keys as well
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
738593: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=738593
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: openssh-server
Version: 1:6.5p1-1
Severity: minor


Hi.

As far as I'd understand the changelog entry
  * Generate ED25519 host keys on fresh installations.  Upgraders who wish
    to add such host keys should manually add 'HostKey
    /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
    'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
for 1:6.5p1-1...

ED25519 are not created on package upgrades but only fresh installations.

This does not seem to be the case (I'm generally unsure whether I like
the idea of automatically created keys... since this may also happen in
low entropy situations)... anyway... perhaps that should be corrected ;-)


Cheers,
Chris.

--- End Message ---
--- Begin Message --- 
On Tue, Feb 11, 2014 at 01:26:29AM +0100, Christoph Anton Mitterer wrote:
> As far as I'd understand the changelog entry
>   * Generate ED25519 host keys on fresh installations.  Upgraders who wish
>     to add such host keys should manually add 'HostKey
>     /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
>     'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
> for 1:6.5p1-1...
> 
> ED25519 are not created on package upgrades but only fresh installations.
> 
> This does not seem to be the case

Actually, no, I just tested this properly (my first test was buggy) and
the changelog is accurate.  The postinst only creates the ED25519 host
key if "HostKey /etc/ssh/ssh_host_ed25519_key" is already present in
sshd_config, which won't normally be the case on upgrade.

Cheers,

-- 
Colin Watson                                       [[email protected]]

--- End Message ---

Reply via email to