Bug 235466 - sshd init.d script should allow override of server key creation
Summary: sshd init.d script should allow override of server key creation
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: openssh (Show other bugs)
(Show other bugs)
Version: rawhide
Hardware: All Linux
medium
medium
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Brian Brock
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-04-05 22:17 UTC by James Ralston
Modified: 2007-11-30 22:12 UTC (History)
1 user (show)

Fixed In Version: openssh-4.5p1-8.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-08-09 18:39:54 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
add support for NO_AUTOCREATE_SERVER_KEYS setting (439 bytes, patch)
2007-04-05 22:17 UTC, James Ralston
no flags Details | Diff
add support for overriding autocreation of HostKeys (436 bytes, patch)
2007-04-05 22:22 UTC, James Ralston
no flags Details | Diff

Description James Ralston 2007-04-05 22:17:39 UTC
(I am filing this bug against FC7test3, but it applies to all versions of FC and
RHEL.)

Currently, /etc/rc.d/init.d/sshd unconditionally creates any server keys which
are missing:

/etc/ssh/ssh_host_key
/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_dsa_key

This is irritating, because we define specific (and limited) HostKeys in
/etc/ssh/sshd_config, and don't want the extra HostKeys lying around.

This patch will make it so that setting NO_AUTOCREATE_SERVER_KEYS to NO in
/etc/sysconfig/sshd will cause the sshd init.d file not to automatically create
HostKeys.

Comment 1 James Ralston 2007-04-05 22:17:39 UTC
Created attachment 151814 [details]
add support for NO_AUTOCREATE_SERVER_KEYS setting

Comment 2 James Ralston 2007-04-05 22:22:13 UTC
Created attachment 151815 [details]
add support for overriding autocreation of HostKeys

Actually, I just realized that variable is poorly named, as setting it requires
a double negative.  Simply AUTOCREATE_SERVER_KEYS is better.

Comment 3 Matthew Miller 2007-04-10 16:27:12 UTC
Fedora 7 test bugs should be filed against "devel", not against test1/2/3. This
isn't obvious, I know. Moving this report so it isn't lost.

This is a bulk message -- I apologize if this was actually meant to be targeted
against a different release. If so, please fix or let me know. Thanks.


Note You need to log in before you can comment on or make changes to this bug.