Public bug reported:

openssh (1:6.5p1-1) unstable; urgency=medium
...
  * Generate ED25519 host keys on fresh installations. Upgraders who wish to
    add such host keys should manually add
    'HostKey /etc/ssh/ssh_host_ed25519_key' to /etc/ssh/sshd_config and run
    'ssh-keygen -q -f /etc/ssh/ssh_host_ed25519_key -N "" -t ed25519'.
...
 -- Colin Watson <cjwat...@debian.org>  Mon, 10 Feb 2014 14:58:26 +0000

Most users and many administrators are not going to notice the new host key capabilities when it is buried in a changelog. We should at least give them an obvious hint about it. Even better would be to prompt the user to generate the keys with a debconf question like was recently done with the "Change to "PermitRootLogin without-password"".

I would like to label this as a security vulnerability, but that may be a bit over the top; it would be a security improvement!

** Affects: openssh (Ubuntu)
     Importance: Undecided
         Status: New

https://bugs.launchpad.net/bugs/1300133

Title:
  Generate ED25519 host keys on upgrade
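
A read-only check for the state the changelog entry describes, added here as an example and not taken from the bug report or the openssh package: it reports whether an sshd_config has an active HostKey line for an ED25519 key and whether that key pair exists. The function name and the status strings are hypothetical, and HostKey paths are assumed to contain no spaces.

```shell
#!/bin/sh
# Added example (not from the bug report): audit an sshd_config for an
# ED25519 host key without editing the config or generating anything.
# Usage: ed25519_hostkey_status [CONFIG]   (default /etc/ssh/sshd_config)
# Prints one of: ok, missing-key, missing-directive, implicit-default,
# unreadable-config. Returns 0 only for ok and implicit-default.
ed25519_hostkey_status() {
    config=${1:-/etc/ssh/sshd_config}
    if [ ! -r "$config" ]; then
        echo "unreadable-config"; return 2
    fi

    # Active (uncommented) HostKey directives; keywords are case-insensitive.
    keys=$(awk 'tolower($1) == "hostkey" { print $2 }' "$config")
    if [ -z "$keys" ]; then
        # No explicit HostKey lines: sshd uses its built-in default key list.
        echo "implicit-default"; return 0
    fi

    named=no
    for key in $keys; do
        # The first field of the .pub file names the key type.
        if [ -r "$key.pub" ]; then
            ktype=$(awk '{ print $1; exit }' "$key.pub")
        else
            ktype=
        fi
        if [ "$ktype" = "ssh-ed25519" ] && [ -s "$key" ]; then
            echo "ok"; return 0
        fi
        # Directive is present by name but the key pair is not usable.
        case $key in *ed25519*) named=yes ;; esac
    done

    if [ "$named" = yes ]; then
        echo "missing-key"; return 1      # HostKey line added, ssh-keygen not run
    fi
    echo "missing-directive"; return 1    # upgraded config never got the line
}
```

On an upgraded system, `missing-directive` corresponds to the first manual step in the changelog entry and `missing-key` to the second.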