Date: Mon, 21 May 2012 13:34:26 -0400 From: Garance A Drosehn <gad@FreeBSD.org> To: Jason Usher <jusher71@yahoo.com> Cc: freebsd-hackers@FreeBSD.org Subject: Re: Need to revert behavior of OpenSSH to the old key order ... Message-ID: <4FBA7CA2.5080703@FreeBSD.org> In-Reply-To: <1337617112.24292.YahooMailClassic@web122505.mail.ne1.yahoo.com> References: <1337617112.24292.YahooMailClassic@web122505.mail.ne1.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I may have missed some emails in this thread, but did you
try this suggestion:
But have you tried it in this order ?
HostKey /usr/local/etc/ssh/ssh_host_key
HostKey /usr/local/etc/ssh/ssh_host_dsa_key
HostKey /usr/local/etc/ssh/ssh_host_rsa_key
HostKey /usr/local/etc/ssh/ssh_host_ecdsa_key
Which is to say, have your sshd_config file list multiple
hostkey's, and then restart sshd after making that change?
I tried a similar change and it seemed to have some effect
on what clients saw when connecting, but I can't tell if
it has the effect that you want.
-- garance
On 5/21/12 12:18 PM, Jason Usher wrote:
> Folks,
>
> Is there a better list for this - perhaps freebsd-security ?
>
> I originally posted to -hackers because it *appears* that reverting "rsa, then dsa" to "dsa, then rsa" was a simple change to myproposal.h, but since that doesn't work, and since I haven't gotten any replies here ...
>
> Thoughts ?
>
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4FBA7CA2.5080703>