diff options
| author | Roland Hieber <r.hieber@pengutronix.de> | 2018-05-29 20:13:44 +0200 |
|---|---|---|
| committer | Michael Olbrich <m.olbrich@pengutronix.de> | 2018-05-29 20:54:26 +0200 |
| commit | 3b6a0c614597229cc59681b1fe36fd9d7cd91dcb (patch) | |
| tree | 15308f2ddf173606c60d4ca0aba45d297a842021 /projectroot | |
| parent | d522b518f09fa1a14dbbd84101130c9b84632fd8 (diff) | |
| download | ptxdist-3b6a0c614597229cc59681b1fe36fd9d7cd91dcb.tar.gz ptxdist-3b6a0c614597229cc59681b1fe36fd9d7cd91dcb.tar.xz | |
openssh: don't generate a RSA host key by default
Generating RSA keys can take several minutes on embedded systems,
substantially slowing down the first startup. ED25519 is supported on
most recent SSH clients, so just drop the RSA host key in its favour.
Signed-off-by: Roland Hieber <r.hieber@pengutronix.de>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Diffstat (limited to 'projectroot')
| -rw-r--r-- | projectroot/etc/rc.once.d/openssh | 1 | ||||
| -rw-r--r-- | projectroot/etc/ssh/sshd_config | 2 |
2 files changed, 1 insertions, 2 deletions
diff --git a/projectroot/etc/rc.once.d/openssh b/projectroot/etc/rc.once.d/openssh index a49ddee0a..4a3c594cc 100644 --- a/projectroot/etc/rc.once.d/openssh +++ b/projectroot/etc/rc.once.d/openssh @@ -14,7 +14,6 @@ host_keys_required() { else # No HostKey directives found, so we pick secure defaults echo /etc/ssh/ssh_host_ed25519_key - echo /etc/ssh/ssh_host_rsa_key fi } diff --git a/projectroot/etc/ssh/sshd_config b/projectroot/etc/ssh/sshd_config index 14ae11901..297edd854 100644 --- a/projectroot/etc/ssh/sshd_config +++ b/projectroot/etc/ssh/sshd_config @@ -15,7 +15,7 @@ #ListenAddress 0.0.0.0 #ListenAddress :: -HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_rsa_key #HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key HostKey /etc/ssh/ssh_host_ed25519_key |