From owner-freebsd-ports@FreeBSD.ORG Sun Jun 24 17:17:58 2012 Return-Path: Delivered-To: ports@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 466881065672 for ; Sun, 24 Jun 2012 17:17:58 +0000 (UTC) (envelope-from jhellenthal@dataix.net) Received: from mail-ob0-f182.google.com (mail-ob0-f182.google.com [209.85.214.182]) by mx1.freebsd.org (Postfix) with ESMTP id EC8648FC0A for ; Sun, 24 Jun 2012 17:17:57 +0000 (UTC) Received: by obbun3 with SMTP id un3so6611475obb.13 for ; Sun, 24 Jun 2012 10:17:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=dataix.net; s=rsa; h=date:from:to:subject:message-id:mime-version:content-type :content-disposition; bh=boEXU8LtM//mYlmG4XY4XuLVutlFj2JCdCOEZH/0M20=; b=KXHuHmAGgzxT1JdNBGFcMw6IZG8NoOQrcc0eQnqO31B063Th1zQyK0A6lOoMskCU/F qtbqd8jOiZHLsZ+o+YK8CuzpSwymeeExheggBWRXq4lR+ZA91K4k6XCspvqA5rE5wFIo Tln3y+NiS0cEIo6chFtOBqajk26+DHDyOfSRI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=date:from:to:subject:message-id:mime-version:content-type :content-disposition:x-gm-message-state; bh=boEXU8LtM//mYlmG4XY4XuLVutlFj2JCdCOEZH/0M20=; b=fyBaz6GDpkkDmVZ952SUo04iBwgwnDkR4iLMiOyZPYgOX6iBXt1OzVlUzUJNEuOkxs jzF47+gGV6uEGjZQVlGUq+xpWjdh5oVkF06lvGNPBmhk/FjpCBqR0KK3O8XcW3Opn/9H OWsNg0oBZfguV58HyQ+GIOjVFqdXrD5Z3wE5zwfzG8RC2SH5DGoB5dVQsBM8o7HQ4/Vp orFULpj55nOT3VTAE5A5ZLLSFxn+i/cnqjtRd/aVq58xJ1iyFAGVh+rGIuPOPdMiSsS1 CHvLOqIe377qIqaH1Vz3lcVZUDj+UlpowP3aGNJq923Qfwqc8BULDJ8IQgkP2zEU5sJ5 YLLg== Received: by 10.50.237.34 with SMTP id uz2mr6407236igc.19.1340558276921; Sun, 24 Jun 2012 10:17:56 -0700 (PDT) Received: from DataIX.net (75-128-120-86.dhcp.aldl.mi.charter.com. [75.128.120.86]) by mx.google.com with ESMTPS id k6sm4484955igz.9.2012.06.24.10.17.56 (version=TLSv1/SSLv3 cipher=OTHER); Sun, 24 Jun 2012 10:17:56 -0700 (PDT) Received: from DataIX.net (localhost [127.0.0.1]) by DataIX.net (8.14.5/8.14.5) with ESMTP id q5OHHrrV015845 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Sun, 24 Jun 2012 13:17:54 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Received: (from jh@localhost) by DataIX.net (8.14.5/8.14.5/Submit) id q5OHHrt5015844 for ports@freebsd.org; Sun, 24 Jun 2012 13:17:53 -0400 (EDT) (envelope-from jhellenthal@DataIX.net) Date: Sun, 24 Jun 2012 13:17:53 -0400 From: "J. Hellenthal" To: ports@freebsd.org Message-ID: <20120624171753.GA15646@DataIX.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="6TrnltStXW4iwmi0" Content-Disposition: inline X-Gm-Message-State: ALoCoQlGGjsOUfWthlUBc/vP4sXafB+blI0XGaaDtZ6Beh1aLSIjA40hLzm9NNGa6GjLhyP6swJN Cc: Subject: security/openssh-portable line # 82 of rc.d/openssh generates DSA not ECDSA X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Jun 2012 17:17:58 -0000 --6TrnltStXW4iwmi0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable As stated in the subject if [ -f /usr/local/etc/ssh/ssh_host_ecdsa_key ]; then echo "You already have a Elliptic Curve DSA host key" \ "in /usr/local/etc/ssh/ssh_host_ecdsa_key" echo "Skipping protocol version 2 Elliptic Curve DSA Key Generation" else /usr/local/bin/ssh-keygen -t dsa \ -f /usr/local/etc/ssh/ssh_host_ecdsa_key -N '' fi Specifically "/usr/local/bin/ssh-keygen -t dsa" needs to be changed to "-t ecdsa" to be correct. Otherwise we are just reimplementing a DSA key in a different file. --=20 - (2^(N-1)) --6TrnltStXW4iwmi0 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- iQEcBAEBAgAGBQJP50vAAAoJEBSh2Dr1DU7WrZoIALC0hNyqIiwAW6LKuUPzicOm pdtsghw/AO20K0oovp1GHS6roYIoFO6hMo96HzM1OzX3AnNKRMvLUrgnONTtaY7a OC+JYfUaQOUVx7get7xRGJByIR/Jt7d84a+wQjaR9G5X545q4v1xiR/Gxx3o447K Js0XpBHIrH5j4zEo7mPohBd0mYwBppUPAlwkGjagCd9l8hPurnA3jSuDbOd7USGO kD1PJz76rn5mXgBkH7QDumhgRwHcY5j+k63/luUdC2shHLsTQKx1oUWVYLvpZVNs gvvA2g4yHHTeKVlC6nn3XOzneq+sMyODHaoD0sQgq0DwQcx8s0GhTa34faaaiMg= =4N8M -----END PGP SIGNATURE----- --6TrnltStXW4iwmi0--