Mailinglist Archive: opensuse-bugs (5344 mails)
[Bug 281228] /etc/init.d/sshd has hardcoded ssh_host_keys
- From: bugzilla_noreply@xxxxxxxxxx
- Date: Wed, 6 Jun 2007 09:35:54 -0600 (MDT)
- Message-id: <20070606153554.7AAD5EE4@xxxxxxxxxxxxxxxxxxxxxx>
https://bugzilla.novell.com/show_bug.cgi?id=281228
lrupp@xxxxxxxxxx changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |NEW
Info Provider|lrupp@xxxxxxxxxx |
------- Comment #2 from lrupp@xxxxxxxxxx 2007-06-06 09:35 MST -------
> Why do you think functionality like this is necessary, why would anyone change
> the location of a hostkey (without changing location of other config files
> because then we cannot help him anyway)?
Because changing the location of a hostkey is _explicitly_ allowed - otherwise we
don't need these variables in the config file at all, do we? I just don't see a
problem confusing a customer with creating keys he didn't want to use.
Creating the keys "automatically" _is_ extra complexity in the init script. So
if you want to avoid complexity, just remove this part.
Otherwise just a simple if statement can do the "magic" to fix this:
-----------------------------------------------
--- sshd.org 2007-06-06 17:19:21.000000000 +0200
+++ sshd 2007-06-06 17:30:58.000000000 +0200
@@ -43,6 +43,7 @@
case "$1" in
start)
+ if ! grep -v \# /etc/ssh/sshd_config | grep -q HostKey; then
if ! test -f /etc/ssh/ssh_host_key ; then
echo Generating /etc/ssh/ssh_host_key.
ssh-keygen -t rsa1 -b 1024 -f /etc/ssh/ssh_host_key -N ''
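Review bot: The test on the added `if` line is too loose: `grep -v \#` discards every line that contains a `#` anywhere, and `grep -q HostKey` is an unanchored, case-sensitive substring match, while sshd_config keywords are case-insensitive. A line written as `hostkey /path` is missed, and any other keyword that merely contains `HostKey` suppresses key generation. Suggest matching the directive at the start of the line, for example `grep -Eiq '^[[:space:]]*HostKey[[:space:]]' /etc/ssh/sshd_config`. The lines now enclosed by the new `if` should also be indented one more level.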
@@ -57,6 +58,7 @@
ssh-keygen -t rsa -b 1024 -f /etc/ssh/ssh_host_rsa_key -N ''
fi
+ fi
echo -n "Starting SSH daemon"
## Start daemon with startproc(8). If this fails
## the echo return value is set appropriate.
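Review bot: With the closing `fi` placed here, one HostKey directive skips generation of every default key, and nothing verifies that the configured key file exists, so a system with a custom HostKey path and no key at that path goes straight to "Starting SSH daemon" without a usable host key. Suggest checking each configured path before the daemon is started and printing a clear error (or generating the key) when the file is missing. The new `fi` also sits at the same indent as the inner `fi` above it; re-indent the enclosed block so the nesting is readable.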
-----------------------------------------------
So I don't see a big problem here. ;-)
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
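The check discussed in this comment, written as an added shell example that is not part of the bug report or of the openSUSE init script: it reads the active HostKey directives and reports which key files sshd will look for but cannot find. The function names are hypothetical, the default list holds only the two files visible in the patch, and the plain whitespace-separated `HostKey /path` form is assumed.

```shell
#!/bin/sh
# Added example, not the openSUSE init script. Function names are hypothetical.

# Default key files named in the patch context above.
DEFAULT_HOSTKEYS="/etc/ssh/ssh_host_key /etc/ssh/ssh_host_rsa_key"

# Print the key files named by active HostKey directives in config file $1.
# sshd_config keywords are case-insensitive; lines starting with '#' are comments.
# Assumption: the whitespace-separated "HostKey /path" form is used.
configured_hostkeys() {
    [ -r "$1" ] || return 0
    awk '/^[ \t]*#/ { next }
         tolower($1) == "hostkey" && NF >= 2 { print $2 }' "$1"
}

# Print the key files sshd will look for: configured ones, else the defaults.
effective_hostkeys() {
    keys=$(configured_hostkeys "$1")
    if [ -n "$keys" ]; then
        printf '%s\n' "$keys"
    else
        # Unquoted on purpose: one default path per output line.
        printf '%s\n' $DEFAULT_HOSTKEYS
    fi
}

# Print every effective key file that does not exist yet, so an init script
# can generate it or refuse to start with a clear message.
missing_hostkeys() {
    effective_hostkeys "$1" | while IFS= read -r key; do
        [ -f "$key" ] || printf '%s\n' "$key"
    done
}

# Stand-alone run on a constructed sample config (not a real system file).
demo=$(mktemp)
printf '%s\n' '# HostKey /commented/out' \
              'HostKeyAlgorithms ssh-rsa' \
              'hostkey /srv/keys/host_rsa_key' > "$demo"
missing_hostkeys "$demo"   # report configured keys that are absent
rm -f "$demo"
```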