git: Remove blacklisted keys support from OpenSSH.

Peter Avalos pavalos at crater.dragonflybsd.org
Sat Jan 24 12:17:43 PST 2015


commit 3b34ad6b4d78ca4bb47af5deb6991675b5b508db
Author: Peter Avalos <pavalos at dragonflybsd.org>
Date:   Fri Jan 23 23:25:04 2015 -0800

    Remove blacklisted keys support from OpenSSH.
    
    As time progresses, this code becomes less useful. I left the code that
    still scans the configuration option, and in the future it can be
    removed as well.
    
    The original author made a decent case for removing this in 2013:
    https://lists.debian.org/debian-devel/2013/09/msg00240.html

Summary of changes:
 Makefile_upgrade.inc                    |     8 +
 crypto/openssh/README.compromised-keys  |   134 -
 crypto/openssh/auth-rh-rsa.c            |    16 -
 crypto/openssh/auth-rsa.c               |    15 -
 crypto/openssh/auth2-hostbased.c        |    14 -
 crypto/openssh/auth2-pubkey.c           |    15 -
 crypto/openssh/authfile.c               |   111 -
 crypto/openssh/authfile.h               |     3 -
 crypto/openssh/pathnames.h              |     2 -
 crypto/openssh/ssh-vulnkey.1            |   187 -
 crypto/openssh/ssh-vulnkey.c            |   324 -
 crypto/openssh/sshd.c                   |    15 -
 crypto/openssh/sshd_config              |     1 -
 secure/lib/libssh/DSA-1024.be32         | 32768 ------------------------------
 secure/lib/libssh/DSA-1024.le32         | 32768 ------------------------------
 secure/lib/libssh/DSA-1024.le64         | 32768 ------------------------------
 secure/lib/libssh/DSA-2048.all          |     6 -
 secure/lib/libssh/Makefile.etc          |    35 -
 secure/lib/libssh/RSA-1024.be32         | 32768 ------------------------------
 secure/lib/libssh/RSA-1024.le32         | 32768 ------------------------------
 secure/lib/libssh/RSA-1024.le64         | 32768 ------------------------------
 secure/lib/libssh/RSA-2048.be32         | 32768 ------------------------------
 secure/lib/libssh/RSA-2048.le32         | 32768 ------------------------------
 secure/lib/libssh/RSA-2048.le64         | 32768 ------------------------------
 secure/lib/libssh/RSA-4096.be32         | 32768 ------------------------------
 secure/lib/libssh/RSA-4096.le32         | 32768 ------------------------------
 secure/lib/libssh/RSA-4096.le64         | 32768 ------------------------------
 secure/lib/libssh/generate-blacklist.sh |    81 -
 secure/usr.bin/Makefile                 |     5 +-
 secure/usr.bin/ssh-vulnkey/Makefile     |     9 -
 30 files changed, 9 insertions(+), 394188 deletions(-)
 delete mode 100644 crypto/openssh/README.compromised-keys
 delete mode 100644 crypto/openssh/ssh-vulnkey.1
 delete mode 100644 crypto/openssh/ssh-vulnkey.c
 delete mode 100644 secure/lib/libssh/DSA-1024.be32
 delete mode 100644 secure/lib/libssh/DSA-1024.le32
 delete mode 100644 secure/lib/libssh/DSA-1024.le64
 delete mode 100644 secure/lib/libssh/DSA-2048.all
 delete mode 100644 secure/lib/libssh/RSA-1024.be32
 delete mode 100644 secure/lib/libssh/RSA-1024.le32
 delete mode 100644 secure/lib/libssh/RSA-1024.le64
 delete mode 100644 secure/lib/libssh/RSA-2048.be32
 delete mode 100644 secure/lib/libssh/RSA-2048.le32
 delete mode 100644 secure/lib/libssh/RSA-2048.le64
 delete mode 100644 secure/lib/libssh/RSA-4096.be32
 delete mode 100644 secure/lib/libssh/RSA-4096.le32
 delete mode 100644 secure/lib/libssh/RSA-4096.le64
 delete mode 100644 secure/lib/libssh/generate-blacklist.sh
 delete mode 100644 secure/usr.bin/ssh-vulnkey/Makefile

http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3b34ad6b4d78ca4bb47af5deb6991675b5b508db


-- 
DragonFly BSD source repository



More information about the Commits mailing list