
Bug#864055: marked as done (bootstrap-vz: Should generate ed25519 host keys, should not generate dsa host keys)



Your message dated Fri, 06 Sep 2019 05:34:56 +0000
with message-id <E1i66tc-0008SZ-48@fasolo.debian.org>
and subject line Bug#939485: Removed package(s) from unstable
has caused the Debian Bug report #864055,
regarding bootstrap-vz: Should generate ed25519 host keys, should not generate dsa host keys
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
864055: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=864055
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: bootstrap-vz
Version: 0.9.10+20170110git-1
Tags: patch

Dear maintainer:

The host keys generated by default on new systems by openssh-server
are rsa, ecdsa and ed25519.

Since this package will be used to generate images for Debian 9,
it should ideally generate the same set of keys.

I discovered this after upgrading a GCE machine to stretch
and modifying sshd_server to be closer to the Debian 9 default.
What happened is that even if I removed the DSA keys, they were
generated again. Thanks to codesearch.debian.net it was easy
to check where this came from.

Trivial patch follows.

[ If possible, please consider a freeze exception for this ]

Thanks.

--- a/bootstrapvz/common/assets/init.d/generate-ssh-hostkeys
+++ b/bootstrapvz/common/assets/init.d/generate-ssh-hostkeys
@@ -14,23 +14,23 @@ prog=$(basename $0)
 logger="logger -t $prog"
 
 rsa_key="/etc/ssh/ssh_host_rsa_key"
-dsa_key="/etc/ssh/ssh_host_dsa_key"
+ed25519_key="/etc/ssh/ssh_host_ed25519_key"
 ecdsa_key="/etc/ssh/ssh_host_ecdsa_key"
 
 # Exit if the hostkeys already exist
-if [ -f $rsa_key -a -f $dsa_key -a -f $ecdsa_key ]; then
+if [ -f $rsa_key -a -f $ed25519_key -a -f $ecdsa_key ]; then
 	exit
 fi
 
 # Generate the ssh host keys
 [ -f $rsa_key ] || ssh-keygen -f $rsa_key -t rsa -C 'host' -N ''
-[ -f $dsa_key ] || ssh-keygen -f $dsa_key -t dsa -C 'host' -N ''
+[ -f $ed25519_key ] || ssh-keygen -f $ed25519_key -t dsa -C 'host' -N ''
 [ -f $ecdsa_key ] || ssh-keygen -f $ecdsa_key -t ecdsa -C 'host' -N ''
 
 # Output the public keys to the console
 # This allows user to get host keys securely through console log
 echo "-----BEGIN SSH HOST KEY FINGERPRINTS-----" | $logger
 ssh-keygen -l -f $rsa_key.pub | $logger
-ssh-keygen -l -f $dsa_key.pub | $logger
+ssh-keygen -l -f $ed25519_key.pub | $logger
 ssh-keygen -l -f $ecdsa_key.pub | $logger
 echo "------END SSH HOST KEY FINGERPRINTS------" | $logger
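Review bot: The new generation line still passes `-t dsa` (`[ -f $ed25519_key ] || ssh-keygen -f $ed25519_key -t dsa -C 'host' -N ''`), so the key type was not changed along with the variable name. As written this would write a DSA key to /etc/ssh/ssh_host_ed25519_key, and the fingerprint line further down would log that key under the ed25519 name, which is the opposite of what the report asks for. The argument should be `-t ed25519`. A smaller style point on the same lines: the `$..._key` expansions in the `[ -f ... ]` tests and the `ssh-keygen` calls are unquoted; quoting them would be safer, although the paths here are fixed strings without spaces.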

--- End Message ---
--- Begin Message ---
Version: 0.9.11+20180121git-1+rm

Dear submitter,

as the package bootstrap-vz has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/939485

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)

--- End Message ---
