Skip to content

Commit

Permalink
Remove deprecated options
Browse files Browse the repository at this point in the history 
SSH protocol 1 server support removed
-------------------------------------

sshd(8) no longer supports the old SSH protocol 1, so all the configuration
options related to it are now deprecated and should be removed from
/etc/ssh/sshd_config.  These are:

  KeyRegenerationInterval
  RSAAuthentication
  RhostsRSAAuthentication
  ServerKeyBits

The Protocol option is also no longer needed, although it is silently
ignored rather than deprecated.


https://salsa.debian.org/ssh-team/openssh/commit/fb87db8aa47d3508be8e5bb1d21897fa1f2eca90
  • Loading branch information
@kuzaxak
kuzaxak authored Jul 6, 2018
1 parent 0f505ec commit 478517d
Showing 1 changed file with 0 additions and 5 deletions.
5 changes: 0 additions & 5 deletions templates/default/openssh.conf.erb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -82,10 +82,6 @@ ForwardX11 no

# Never use host-based authentication. It can be exploited.
HostbasedAuthentication no
RhostsRSAAuthentication no

# Enable RSA authentication via identity files.
RSAAuthentication yes

# Disable password-based authentication, it can allow for potentially easier brute-force attacks.
PasswordAuthentication <%= ((@node['ssh-hardening']['ssh']['client']['password_authentication']) ? "yes" : "no" ) %>
Expand All @@ -100,7 +96,6 @@ Tunnel no
# Disable local command execution.
PermitLocalCommand no


# Misc. configuration
# ===================

Expand Down

0 comments on commit 478517d

Please sign in to comment.