--- On Mon, 5/21/12, Garance A Drosehn <[email protected]> wrote: > But have you tried it in this order ? > > HostKey /usr/local/etc/ssh/ssh_host_key > HostKey > /usr/local/etc/ssh/ssh_host_dsa_key > HostKey > /usr/local/etc/ssh/ssh_host_rsa_key > HostKey > /usr/local/etc/ssh/ssh_host_ecdsa_key > > Which is to say, have your sshd_config file list multiple > hostkey's, and then restart sshd after making that change? > I tried a similar change and it seemed to have some effect > on what clients saw when connecting, but I can't tell if > it has the effect that you want.
The order of HostKey directives in sshd_config does not change the actual order. In newer implementations, RSA is provided first, no matter how you configure the sshd_config. As I mentioned before, removing RSA completely is sort of a fix, but I can't do that because some people might actually be explicitly using RSA, and they would all break. Anyone ? _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-hackers To unsubscribe, send any mail to "[email protected]"
