File openssh-7.2p2-allow_DSS_by_default.patch of Package openssh.29886
From 3f75d5d7ebb792b63763cfee5dac77a9490ca67a Mon Sep 17 00:00:00 2001 From: Old openssh patches <pcerny@suse.com> Date: Tue, 25 Oct 2022 18:52:49 +0200 Subject: [PATCH] openssh-7.2p2-allow_DSS_by_default # HG changeset patch # Parent d33bce122aa351a56ce457be35feda52171f9088 Enable DSS authentication by default to maintain compatibility with older versions. bsc#983784 --- myproposal.h | 4 +++- ssh_config.5 | 8 ++++---- sshd_config.5 | 8 ++++---- 3 files changed, 11 insertions(+), 9 deletions(-) diff --git a/myproposal.h b/myproposal.h index bdd05966..7b158971 100644 --- a/myproposal.h +++ b/myproposal.h @@ -99,11 +99,13 @@ HOSTKEY_ECDSA_CERT_METHODS \ "ssh-ed25519-cert-v01@openssh.com," \ "ssh-rsa-cert-v01@openssh.com," \ + "ssh-dss-cert-v01@openssh.com," \ HOSTKEY_ECDSA_METHODS \ "ssh-ed25519," \ "rsa-sha2-512," \ "rsa-sha2-256," \ - "ssh-rsa" + "ssh-rsa," \ + "ssh-dss" /* the actual algorithms */ diff --git a/ssh_config.5 b/ssh_config.5 index caf13a62..6671c605 100644 --- a/ssh_config.5 +++ b/ssh_config.5 @@ -892,9 +892,9 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-ed25519,ssh-rsa,ssh-dss .Ed .Pp If hostkeys are known for the destination host then this default is modified @@ -1330,9 +1330,9 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-ed25519,ssh-rsa,ssh-dss .Ed .Pp The diff --git a/sshd_config.5 b/sshd_config.5 index b2c50b25..006fb9ae 100644 --- a/sshd_config.5 +++ b/sshd_config.5 @@ -656,9 +656,9 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-ed25519,ssh-rsa,ssh-dss .Ed .Pp The @@ -748,9 +748,9 @@ ecdsa-sha2-nistp256-cert-v01@openssh.com, ecdsa-sha2-nistp384-cert-v01@openssh.com, ecdsa-sha2-nistp521-cert-v01@openssh.com, ssh-ed25519-cert-v01@openssh.com, -ssh-rsa-cert-v01@openssh.com, +ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com, ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521, -ssh-ed25519,ssh-rsa +ssh-ed25519,ssh-rsa,ssh-dss .Ed .Pp The list of available key types may also be obtained using the -- 2.38.0
