Add comment to OpenSSH server config about FIPS-incompatible key
Resolves: RHEL-5221
This commit is contained in:
parent
a636f3d32f
commit
9c7572af98
@ -515,3 +515,14 @@ diff -up openssh-7.9p1/ssh-keygen.c.fips openssh-7.9p1/ssh-keygen.c
|
||||
if ((fd = mkstemp(prv_tmp)) == -1) {
|
||||
error("Could not save your public key in %s: %s",
|
||||
prv_tmp, strerror(errno));
|
||||
diff -up openssh-8.0p1/sshd_config.xxx openssh-8.0p1/sshd_config
|
||||
--- openssh-8.0p1/sshd_config.xxx 2023-10-30 13:01:59.150952364 +0100
|
||||
+++ openssh-8.0p1/sshd_config 2023-10-30 13:02:56.662231354 +0100
|
||||
@@ -21,6 +21,7 @@
|
||||
|
||||
HostKey /etc/ssh/ssh_host_rsa_key
|
||||
HostKey /etc/ssh/ssh_host_ecdsa_key
|
||||
+#In FIPS mode Ed25519 keys are not supported, please comment out the next line
|
||||
HostKey /etc/ssh/ssh_host_ed25519_key
|
||||
|
||||
# Ciphers and keying
|
||||
|
@ -812,6 +812,8 @@ getent passwd sshd >/dev/null || \
|
||||
* Mon Oct 30 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-20
|
||||
- Limit artificial delays in sshd while login using AD user
|
||||
Resolves: RHEL-1684
|
||||
- Add comment to OpenSSH server config about FIPS-incompatible key
|
||||
Resolves: RHEL-5221
|
||||
|
||||
* Thu Aug 24 2023 Dmitry Belyavskiy <dbelyavs@redhat.com> - 8.0p1-19
|
||||
- rebuilt
|
||||
|
Loading…
Reference in New Issue
Block a user