From f295c83fd3cd50f8c96e156e4a9267fc1f21be45 Mon Sep 17 00:00:00 2001
From: Alexandre Aubin
Date: Wed, 28 Nov 2018 18:59:34 +0000
Subject: [PATCH] Order of keys matter, ed25519 is recommended
---
 bin/yunoprompt | 2 +-
 data/hooks/conf_regen/03-ssh | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/bin/yunoprompt b/bin/yunoprompt
index bca5c2cb3..2b2a6cfb2 100755
--- a/bin/yunoprompt
+++ b/bin/yunoprompt
@@ -5,7 +5,7 @@ ip=$(hostname --all-ip-address)
 # Fetch SSH fingerprints
 i=0
-for key in $(ls /etc/ssh/ssh_host_{rsa,ecdsa,ed25519}_key.pub 2> /dev/null) ; do
+for key in $(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key.pub 2> /dev/null) ; do
 output=$(ssh-keygen -l -f $key)
 fingerprint[$i]=" - $(echo $output | cut -d' ' -f2) $(echo $output| cut -d' ' -f4)"
 i=$(($i + 1))
diff --git a/data/hooks/conf_regen/03-ssh b/data/hooks/conf_regen/03-ssh
index a9ed0ee48..e60b3022f 100755
--- a/data/hooks/conf_regen/03-ssh
+++ b/data/hooks/conf_regen/03-ssh
@@ -16,7 +16,7 @@ do_pre_regen() {
 || sed -i "s/ListenAddress ::/#ListenAddress ::/g" sshd_config
 # Support legacy setting (this setting might be disabled by a user during a migration)
- ssh_keys=$(ls /etc/ssh/ssh_host_{rsa,ecdsa,ed25519}_key 2>/dev/null)
+ ssh_keys=$(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key 2>/dev/null)
 if [[ "$(yunohost settings get 'service.ssh.allow_deprecated_dsa_hostkey')" == "True" ]]; then
 ssh_keys="$ssh_keys $(ls /etc/ssh/ssh_host_dsa_key 2>/dev/null)"
 fi
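Review bot: The reordered brace list in `$(ls /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key.pub 2> /dev/null)` does not change the order the loop sees, because `ls` sorts its file operands before printing them, so the output is still ecdsa, ed25519, rsa; the same applies to the `ssh_keys=$(ls …)` line in data/hooks/conf_regen/03-ssh. Iterating over the expansion directly keeps the written order and avoids parsing `ls`: `for key in /etc/ssh/ssh_host_{ed25519,rsa,ecdsa}_key.pub; do` followed by `[ -e "$key" ] || continue`, with `ssh-keygen -l -f "$key"` quoted. In 03-ssh the list can be built the same way by appending each existing path to `ssh_keys`. How `ssh_keys` is consumed lies outside the hunk, so whether the order reaches the generated sshd_config cannot be confirmed from here; both the loop body and do_pre_regen continue past their hunks.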