Sounds good.
Creating the host keys if they are not used is something that should be
avoided imho.
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are a member of Ubuntu
Bugs, which is
How about if I key off whether GSSAPIKeyExchange is set?
E.g. extend host_keys_required like so:
hostkeys=$(get_config_option HostKey)
if [ $hostkeys ]; then
echo $hostkeys
else
if [ $(get_config_option GSSAPIKeyExchange) != yes ]
then
# No HostKey directives at all, so the
The linked branch (untested) is what I have in mind.
** Branch linked: lp:~soren/ubuntu/lucid/openssh/generate-keys-on-boot
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are a member of
How about if I key off whether GSSAPIKeyExchange is set?
E.g. extend host_keys_required like so:
hostkeys=$(get_config_option HostKey)
if [ $hostkeys ]; then
echo $hostkeys
else
if [ $(get_config_option GSSAPIKeyExchange) != yes ]
then
# No HostKey directives at all, so the
The linked branch (untested) is what I have in mind.
** Branch linked: lp:~soren/ubuntu/lucid/openssh/generate-keys-on-boot
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are a member of
** Description changed:
I imagine it's useful for other use cases as well, but for me at least
it would be very helpful if openssh-server were to generate new host
- keys none are to be found during boot. This makes it a no-brainer to
+ keys if none are found during boot. This makes it a
** Description changed:
I imagine it's useful for other use cases as well, but for me at least
it would be very helpful if openssh-server were to generate new host
- keys none are to be found during boot. This makes it a no-brainer to
+ keys if none are found during boot. This makes it a
** Changed in: openssh (Ubuntu)
Importance: Undecided = Low
** Changed in: openssh (Ubuntu)
Status: New = Confirmed
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are a member of
** Changed in: openssh (Ubuntu)
Importance: Undecided = Low
** Changed in: openssh (Ubuntu)
Status: New = Confirmed
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are a member of
Of course. Why should I keep them if I don't use them.
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
--
Of course. Why should I keep them if I don't use them.
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
Björn, surely if you don't have any host keys then (ideally) you ought
to not have any HostKey configuration directives? Anyway, as noted,
Soren's patch just moves stuff over from the postinst ...
--
ssh's init script should generate host keys if they're missing
Well. It complains that it can't find any hostkeys when started (and
when logging in) but it works perfectly well without hostkeys when using
GSSAPI. As we are only allowing GSSAPI on most of our machines there is
really no need for the hostkey as the host authenticity is established
using the
openssh doesn't generate them on install? If you will use them on
GSSAPI/Kerberos you will already have host key generated on install
IIRC.
--
ssh's init script should generate host keys if they're missing
https://bugs.launchpad.net/bugs/246558
You received this bug notification because you are
Well. It complains that it can't find any hostkeys when started (and
when logging in) but it works perfectly well without hostkeys when using
GSSAPI. As we are only allowing GSSAPI on most of our machines there is
really no need for the hostkey as the host authenticity is established
using the
Attaching the patch as I originially intended it to look. I didn't know
that not having hostkeys was valid (and am still rather surprised that's
the case). Do you have an example sshd_config that doesn't use host
keys? The documentation says it has defaults for HostKey, so even if
they're not
Attaching the patch as I originially intended it to look. I didn't know
that not having hostkeys was valid (and am still rather surprised that's
the case). Do you have an example sshd_config that doesn't use host
keys? The documentation says it has defaults for HostKey, so even if
they're not
Host keys are not necessarily needed when running openssh-server, i.e
when using GSSAPI/Kerberos, and it could actually be argued that it is a
bug if they were generated automatically if not found.
Please make it configurable if you want the keys to be generated and
which keys you want to be
Host keys are not necessarily needed when running openssh-server, i.e
when using GSSAPI/Kerberos, and it could actually be argued that it is a
bug if they were generated automatically if not found.
Please make it configurable if you want the keys to be generated and
which keys you want to be
19 matches
Mail list logo
