Skip to content

Commit

Permalink
admin: Drop old ssh 1 keys
Browse files Browse the repository at this point in the history 
Motivation:

dCache fails to install on Ubuntu Xenial due to the short key length
of the SSH 1 keys generated in the post instal script.

Modification:

Since we no longer support SSH 1, the fix is to drop the keys.

Result:

Solved a problem with installing on Ubuntu Xenial. We now no longer generate
keys for the old SSH 1 admin interface in the post install script.

Target: trunk
Request: 2.16
Request: 2.15
Request: 2.14
Request: 2.13
Require-notes: yes
Require-book: no
Acked-by: Paul Millar <paul.millar@desy.de>

Reviewed at https://rb.dcache.org/r/9386/

(cherry picked from commit 78ee625)
  • Loading branch information
@gbehrmann
gbehrmann committed Jun 9, 2016
1 parent b966e09 commit 9d057c8
Show file tree
Hide file tree
Showing 6 changed files with 0 additions and 30 deletions.
14 changes: 0 additions & 14 deletions packages/fhs/src/main/deb/postinst
View file
Expand Up @@ -36,20 +36,6 @@ Please fix this and reinstall this package." >&2
# delegated proxies should not be accessible to anybody else
chmod 700 /var/lib/dcache/credentials

# generate admin door server key
if [ ! -f /etc/dcache/admin/server_key ]; then
ssh-keygen -q -b 768 -t rsa1 -f /etc/dcache/admin/server_key -N ""
chmod 640 /etc/dcache/admin/server_key
chgrp dcache /etc/dcache/admin/server_key
fi

# generate admin door host key
if [ ! -f /etc/dcache/admin/host_key ]; then
ssh-keygen -q -b 1024 -t rsa1 -f /etc/dcache/admin/host_key -N ""
chmod 640 /etc/dcache/admin/host_key
chgrp dcache /etc/dcache/admin/host_key
fi

# generate admin door ssh2 server key
if [ ! -f /etc/dcache/admin/ssh_host_dsa_key ]; then
ssh-keygen -q -t dsa -f /etc/dcache/admin/ssh_host_dsa_key -N ""
Expand Down
14 changes: 0 additions & 14 deletions packages/fhs/src/main/rpm/dcache-server.spec
View file
Expand Up @@ -62,20 +62,6 @@ fi
exit 0

%post
# generate admin door server key
if [ ! -f /etc/dcache/admin/server_key ]; then
ssh-keygen -q -b 768 -t rsa1 -f /etc/dcache/admin/server_key -N ""
chmod 640 /etc/dcache/admin/server_key
chgrp dcache /etc/dcache/admin/server_key
fi

# generate admin door host key
if [ ! -f /etc/dcache/admin/host_key ]; then
ssh-keygen -q -b 1024 -t rsa1 -f /etc/dcache/admin/host_key -N ""
chmod 640 /etc/dcache/admin/host_key
chgrp dcache /etc/dcache/admin/host_key
fi

# generate admin door ssh2 server key
if [ ! -f /etc/dcache/admin/ssh_host_dsa_key ]; then
ssh-keygen -q -t dsa -f /etc/dcache/admin/ssh_host_dsa_key -N ""
Expand Down
Binary file removed packages/system-test/src/main/skel/etc/admin/host_key
View file
Binary file not shown.
1 change: 0 additions & 1 deletion packages/system-test/src/main/skel/etc/admin/host_key.pub
View file

This file was deleted.

Binary file removed packages/system-test/src/main/skel/etc/admin/server_key
View file
Binary file not shown.
1 change: 0 additions & 1 deletion packages/system-test/src/main/skel/etc/admin/server_key.pub
View file

This file was deleted.

0 comments on commit 9d057c8

Please sign in to comment.