Clean up DSA host keys
OpenSSH 7.0 is in our repos since Aug 11, 2015 (archlinux/packaging/packages/openssh@13048c1d), therefore we can safely retire DSA keys:
OpenSSH 7.0 and greater similarly disable the ssh-dss (DSA) public key algorithm. It too is weak and we recommend against its use.
Activity
added scopeenhancement label
Removed:
$ ansible archlinux.org -a "rm /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub" archlinux.org | CHANGED | rc=0 >> $ ansible all -a "rm /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub" gitlab.archlinux.org | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code repos.archlinux.org | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code gemini.archlinux.org | CHANGED | rc=0 >> secure-runner1.archlinux.org | CHANGED | rc=0 >> repro3.pkgbuild.com | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code build.archlinux.org | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code runner3.archlinux.org | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code seoul.mirror.pkgbuild.com | CHANGED | rc=0 >> america.mirror.pkgbuild.com | CHANGED | rc=0 >> sydney.mirror.pkgbuild.com | CHANGED | rc=0 >> asia.mirror.pkgbuild.com | CHANGED | rc=0 >> london.mirror.pkgbuild.com | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code europe.mirror.pkgbuild.com | CHANGED | rc=0 >> accounts.archlinux.org | CHANGED | rc=0 >> mirror.pkgbuild.com | CHANGED | rc=0 >> archlinux.org | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code aur.archlinux.org | CHANGED | rc=0 >> bbs.archlinux.org | CHANGED | rc=0 >> homedir.archlinux.org | CHANGED | rc=0 >> lists.archlinux.org | CHANGED | rc=0 >> mail.archlinux.org | CHANGED | rc=0 >> matrix.archlinux.org | CHANGED | rc=0 >> md.archlinux.org | CHANGED | rc=0 >> monitoring.archlinux.org | CHANGED | rc=0 >> reproducible.archlinux.org | CHANGED | rc=0 >> phrik.archlinux.org | CHANGED | rc=0 >> quassel.archlinux.org | CHANGED | rc=0 >> security.archlinux.org | CHANGED | rc=0 >> state.archlinux.org | CHANGED | rc=0 >> wiki.archlinux.org | CHANGED | rc=0 >> runner1.archlinux.org | CHANGED | rc=0 >> man.archlinux.org | CHANGED | rc=0 >> repro2.pkgbuild.com | CHANGED | rc=0 >> bugbuddy.archlinux.org | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code dashboards.archlinux.org | CHANGED | rc=0 >> gluebuddy.archlinux.org | CHANGED | rc=0 >> debuginfod.archlinux.org | CHANGED | rc=0 >> opensearch.archlinux.org | FAILED | rc=1 >> rm: cannot remove '/etc/ssh/ssh_host_dsa_key': No such file or directory rm: cannot remove '/etc/ssh/ssh_host_dsa_key.pub': No such file or directorynon-zero return code redirect.archlinux.org | CHANGED | rc=0 >>Edited by Kristian Klausenclosed with commit 9d229b84
mentioned in commit 9d229b84
Please register or sign in to reply