On Tue, Feb 11, 2014 at 01:30:35PM +0100, Christoph Anton Mitterer wrote: > On Tue, 2014-02-11 at 11:19 +0000, Colin Watson wrote: > > I'll retroactively correct the changelog. (You still need > > to add the HostKey entry manually on upgrades.) > Actually I didn't understand that at all.. why do you need that? It > seems to be that ssh looks per default at /etc/ssh/ssh_host_ed25519_key
Only if HostKey isn't specified at all, and we have long included explicit HostKey directives in our stock sshd_config. > AFAIU the 6.5 release notes, ED25519, should be used per default (when > client/server both support it)... but it seems the case,... the default > for HostKeyAlgorithms seems to still have ECDSA first, while > KexAlgorithms prefers Curve25519 now... That'd be something to bring up with upstream, I think. I'm not an expert on the serious crypto involved in OpenSSH. Cheers, -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
