From: Peter Wagner Date: Fri, 2 Jun 2017 23:04:27 +0000 (+0200) Subject: The earlier commit ea119211b21 removed 'dsa' as one of the ssh_host_*_key X-Git-Url: http://git.openwrt.org/?a=commitdiff_plain;h=325b7d2cd2d6e9d4903c6e7628c7c9ae0ddab564;p=feed%2Fpackages.git The earlier commit ea119211b21 removed 'dsa' as one of the ssh_host_*_key types that got generated. Problem was that it didn't remove that key as one of the paths that the server looks for by default. As a consequence, your log file might fill up with messages like: 2017-06-01T15:43:07-06:00 openwrt sshd[31929]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key The patch is forunately trivial. Don't set the path for the dsa key file in the server configuration. Signed-off-by: Philip Prindeville Signed-off-by: Peter Wagner --- diff --git a/net/openssh/Makefile b/net/openssh/Makefile index f193f6e06d..202c4383e9 100644 --- a/net/openssh/Makefile +++ b/net/openssh/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openssh PKG_VERSION:=7.5p1 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/ \ diff --git a/net/openssh/patches/900-remove-dsa-key-file-patch.patch b/net/openssh/patches/900-remove-dsa-key-file-patch.patch new file mode 100644 index 0000000000..602deda1bc --- /dev/null +++ b/net/openssh/patches/900-remove-dsa-key-file-patch.patch @@ -0,0 +1,13 @@ +--- a/servconf.c 2017-03-19 20:39:27.000000000 -0600 ++++ b/servconf.c 2017-06-01 19:12:51.338645002 -0600 +@@ -201,8 +201,10 @@ + /* fill default hostkeys for protocols */ + options->host_key_files[options->num_host_key_files++] = + _PATH_HOST_RSA_KEY_FILE; ++#if 0 + options->host_key_files[options->num_host_key_files++] = + _PATH_HOST_DSA_KEY_FILE; ++#endif + #ifdef OPENSSL_HAS_ECC + options->host_key_files[options->num_host_key_files++] = + _PATH_HOST_ECDSA_KEY_FILE;