From 9d057c829506806ed145bda7d69be6f56cfd4a80 Mon Sep 17 00:00:00 2001 From: Gerd Behrmann Date: Wed, 8 Jun 2016 13:33:14 +0200 Subject: [PATCH] admin: Drop old ssh 1 keys Motivation: dCache fails to install on Ubuntu Xenial due to the short key length of the SSH 1 keys generated in the post instal script. Modification: Since we no longer support SSH 1, the fix is to drop the keys. Result: Solved a problem with installing on Ubuntu Xenial. We now no longer generate keys for the old SSH 1 admin interface in the post install script. Target: trunk Request: 2.16 Request: 2.15 Request: 2.14 Request: 2.13 Require-notes: yes Require-book: no Acked-by: Paul Millar Reviewed at https://rb.dcache.org/r/9386/ (cherry picked from commit 78ee625dbd0d4893af6eb6036e2f81c0394a6a2e) --- packages/fhs/src/main/deb/postinst | 14 -------------- packages/fhs/src/main/rpm/dcache-server.spec | 14 -------------- .../system-test/src/main/skel/etc/admin/host_key | Bin 548 -> 0 bytes .../src/main/skel/etc/admin/host_key.pub | 1 - .../src/main/skel/etc/admin/server_key | Bin 436 -> 0 bytes .../src/main/skel/etc/admin/server_key.pub | 1 - 6 files changed, 30 deletions(-) delete mode 100644 packages/system-test/src/main/skel/etc/admin/host_key delete mode 100644 packages/system-test/src/main/skel/etc/admin/host_key.pub delete mode 100644 packages/system-test/src/main/skel/etc/admin/server_key delete mode 100644 packages/system-test/src/main/skel/etc/admin/server_key.pub diff --git a/packages/fhs/src/main/deb/postinst b/packages/fhs/src/main/deb/postinst index 6c120d87851..e4ef4dd544e 100755 --- a/packages/fhs/src/main/deb/postinst +++ b/packages/fhs/src/main/deb/postinst @@ -36,20 +36,6 @@ Please fix this and reinstall this package." >&2 # delegated proxies should not be accessible to anybody else chmod 700 /var/lib/dcache/credentials - # generate admin door server key - if [ ! -f /etc/dcache/admin/server_key ]; then - ssh-keygen -q -b 768 -t rsa1 -f /etc/dcache/admin/server_key -N "" - chmod 640 /etc/dcache/admin/server_key - chgrp dcache /etc/dcache/admin/server_key - fi - - # generate admin door host key - if [ ! -f /etc/dcache/admin/host_key ]; then - ssh-keygen -q -b 1024 -t rsa1 -f /etc/dcache/admin/host_key -N "" - chmod 640 /etc/dcache/admin/host_key - chgrp dcache /etc/dcache/admin/host_key - fi - # generate admin door ssh2 server key if [ ! -f /etc/dcache/admin/ssh_host_dsa_key ]; then ssh-keygen -q -t dsa -f /etc/dcache/admin/ssh_host_dsa_key -N "" diff --git a/packages/fhs/src/main/rpm/dcache-server.spec b/packages/fhs/src/main/rpm/dcache-server.spec index 5b8f1a500f0..e97c3615f0a 100644 --- a/packages/fhs/src/main/rpm/dcache-server.spec +++ b/packages/fhs/src/main/rpm/dcache-server.spec @@ -62,20 +62,6 @@ fi exit 0 %post -# generate admin door server key -if [ ! -f /etc/dcache/admin/server_key ]; then - ssh-keygen -q -b 768 -t rsa1 -f /etc/dcache/admin/server_key -N "" - chmod 640 /etc/dcache/admin/server_key - chgrp dcache /etc/dcache/admin/server_key -fi - -# generate admin door host key -if [ ! -f /etc/dcache/admin/host_key ]; then - ssh-keygen -q -b 1024 -t rsa1 -f /etc/dcache/admin/host_key -N "" - chmod 640 /etc/dcache/admin/host_key - chgrp dcache /etc/dcache/admin/host_key -fi - # generate admin door ssh2 server key if [ ! -f /etc/dcache/admin/ssh_host_dsa_key ]; then ssh-keygen -q -t dsa -f /etc/dcache/admin/ssh_host_dsa_key -N "" diff --git a/packages/system-test/src/main/skel/etc/admin/host_key b/packages/system-test/src/main/skel/etc/admin/host_key deleted file mode 100644 index 5fc79b4749ab78a77b8bd86bd8677eea5faa1aef..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 548 zcmV+<0^9vlQ%E3CQb|@pR7D_5MOh$5NlZl`Mo&^rK~x|yE-?xK000000000400aQ7 zcG{(xSww=Q2B2zX=5(})QhdaN{QlL~8L7=q01sG=W;fo85fG22RYMa_I$E&YfKKTX z6UG1Dx39&S+vNH2)9ia5o+n~(s@-jG%W&Gg08~ki5R3evH_CQsA&9Qhl=fimqp!5U zmt4Y2euJ_xLYaRs_pgWF?#NeB#cgc>5di=J0000VVr6J@ZDDS1Kw@QRa&2L5ZY^|Z zX>Mz9VPq|MGBPk#X;oyYYI%Z$B zjU;k{a5N`gCVKXB7y^=XUn-9FbTN>)-P9+C#Y+AY<_yXO6}F{%0RjNq$?oV#Yi=6w z=-(T4?(5ef{rl|{?A{;eZTwre-*FQ?_^LrXA-DyBek*V^d7^aC#A&i{AE>|twco@I zH}A^=0LHjwAm^&_;4|%VwR_UI3~pjE;KAUwPl>u13gpzu-8*||8Yo?-5^rl}nnoK^yMIk(Q1?{_;V mv~%XE#1Cf$*WkfE9Ip};!&sG6aBXA!3oM(k$UhMP0000T4Fa72 diff --git a/packages/system-test/src/main/skel/etc/admin/host_key.pub b/packages/system-test/src/main/skel/etc/admin/host_key.pub deleted file mode 100644 index 5d034072678..00000000000 --- a/packages/system-test/src/main/skel/etc/admin/host_key.pub +++ /dev/null @@ -1 +0,0 @@ -1024 65537 121810755519470151541940459920751389141465732793178455373945112099602394772241567483236782621876951363319143694806269607047287638395854602131965825741875773278524302101442162786560184054222390827568380246467144329068479454374109788758626284892332253180234217547673135469616905863581184969323855466936496647533 behrmann@behrmann-thinkpad-x220 diff --git a/packages/system-test/src/main/skel/etc/admin/server_key b/packages/system-test/src/main/skel/etc/admin/server_key deleted file mode 100644 index 991567cdea47b202313d59846a7f506d0ed00c0a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 436 zcmV;l0ZaZ~vtU#(pbecp-)B1w|5di=J0000V zVr6J@ZDDS1Kw@QRa&2L5ZY^|ZX>Mz9VPq|MGBPl_#=6D={xFji#?h4gBrTq{m+4)8 z^_|NA{XicUT~?{O$dqLNhc{lBCgF{U6Y6?;|1uyx^>OM$kX$ja@G7R6&m zVvY&HXX0 zsQP2D%U(vMXrATmAgicmf0Y=ErWSv7p#gyF7v=SJCQ&%_M0G^F_dRO^l2W2Z+JMR~ e-2=Eu*gjV6V?ipPs!2G#n;TvtdG(_J0001eRJ=d{ diff --git a/packages/system-test/src/main/skel/etc/admin/server_key.pub b/packages/system-test/src/main/skel/etc/admin/server_key.pub deleted file mode 100644 index 129a0e298b8..00000000000 --- a/packages/system-test/src/main/skel/etc/admin/server_key.pub +++ /dev/null @@ -1 +0,0 @@ -768 65537 1264307993424213743209254674621835944581364908687476132892991305480961867719487269950912746158216208471868376374806016552576547751765667836913109992616252256486144446834988992121735201765897080136139685334229660645381133313200355971 behrmann@behrmann-thinkpad-x220