Skip to content

Commit e0765bf

Browse files
author
Vaughn Dice
committed
ref(ssh keys): remove support for DSA
1 parent c20e962 commit e0765bf

3 files changed

Lines changed: 1 addition & 3 deletions

File tree

charts/builder/templates/builder-secret-ssh-private-keys.yaml

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,5 +9,4 @@ metadata:
99
type: Opaque
1010
data:
1111
ssh-host-rsa-key: "{{genPrivateKey "rsa" | b64enc}}"
12-
ssh-host-dsa-key: "{{genPrivateKey "dsa" | b64enc}}"
1312
ssh-host-ecdsa-key: "{{genPrivateKey "ecdsa" | b64enc}}"

pkg/sshd/server.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -78,7 +78,7 @@ func Configure(cnf *Config) (*ssh.ServerConfig, error) {
7878
return AuthKey(k, cnf)
7979
},
8080
}
81-
hostKeyTypes := []string{"rsa", "dsa", "ecdsa"}
81+
hostKeyTypes := []string{"rsa", "ecdsa"}
8282
pathTpl := "/var/run/secrets/deis/builder/ssh/ssh-host-%s-key"
8383
for _, t := range hostKeyTypes {
8484
path := fmt.Sprintf(pathTpl, t)

rootfs/etc/ssh/sshd_config

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,6 @@
11
Port 2223
22
Protocol 2
33
HostKey /var/run/secrets/deis/builder/ssh/ssh-host-rsa-key
4-
HostKey /var/run/secrets/deis/builder/ssh/ssh-host-dsa-key
54
HostKey /var/run/secrets/deis/builder/ssh/ssh-host-ecdsa-key
65
UsePrivilegeSeparation yes
76
KeyRegenerationInterval 3600

0 commit comments

Comments
 (0)