Red Hat Bugzilla – Full Text Bug Listing
|Summary:||sshd init.d script should allow override of server key creation|
|Product:||[Fedora] Fedora||Reporter:||James Ralston <ralston>|
|Component:||openssh||Assignee:||Tomas Mraz <tmraz>|
|Status:||CLOSED RAWHIDE||QA Contact:||Brian Brock <bbrock>|
|Fixed In Version:||openssh-4.5p1-8.fc8||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2007-08-09 14:39:54 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description James Ralston 2007-04-05 18:17:39 EDT
(I am filing this bug against FC7test3, but it applies to all versions of FC and RHEL.) Currently, /etc/rc.d/init.d/sshd unconditionally creates any server keys which are missing: /etc/ssh/ssh_host_key /etc/ssh/ssh_host_rsa_key /etc/ssh/ssh_host_dsa_key This is irritating, because we define specific (and limited) HostKeys in /etc/ssh/sshd_config, and don't want the extra HostKeys lying around. This patch will make it so that setting NO_AUTOCREATE_SERVER_KEYS to NO in /etc/sysconfig/sshd will cause the sshd init.d file not to automatically create HostKeys.
Comment 1 James Ralston 2007-04-05 18:17:39 EDT
Created attachment 151814 [details] add support for NO_AUTOCREATE_SERVER_KEYS setting
Comment 2 James Ralston 2007-04-05 18:22:13 EDT
Created attachment 151815 [details] add support for overriding autocreation of HostKeys Actually, I just realized that variable is poorly named, as setting it requires a double negative. Simply AUTOCREATE_SERVER_KEYS is better.
Comment 3 Matthew Miller 2007-04-10 12:27:12 EDT
Fedora 7 test bugs should be filed against "devel", not against test1/2/3. This isn't obvious, I know. Moving this report so it isn't lost. This is a bulk message -- I apologize if this was actually meant to be targeted against a different release. If so, please fix or let me know. Thanks.