mengelmann closed 6 years ago
Note to me: Need to check backward compatibility with wheezy - check if keygen supports ed25519, as @andsens noted in #431.
Wheezy benefits from Long Term Support (LTS) until the end of May 2018 https://www.debian.org/releases/wheezy/index.en.html
The more you get into it, the more complicated it becomes:
openssh-server from wheezy-backports supports ED25519 keys, so the 'generate-ssh-hostkeys' script would have to check at runtime if ED25519 is supported or not. My suggestion is to leave wheezy as is right now in bootstrap-vz (supports RSA, DSA and ECDSA) and just support ED25519 for jessie and newer.
I added changes in the code to reflect the above. PR is also a workaround for #432 (changes LSB header in sysv init script for stretch, see mentioned issue for details).
Please review.
Oh wow. Yeah, that's far from simple. Good job on getting through this! Merging...
ED25519 ssh host key pair is not removed from /etc/ssh: ED25519 ssh key pair is created since OpenSSH 6.5 (6.7 in Debian jessie) https://wiki.debian.org/SSH#Installation_of_the_server
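
The runtime check discussed in the thread, as an added example that is not bootstrap-vz code or part of this PR: it probes which key types the installed ssh-keygen can create, removes every host key pair left in the image, and regenerates one pair per supported type. The function names and the SSH_KEYGEN variable are assumptions made for this sketch.

```shell
#!/bin/sh
# Added example, not the project's 'generate-ssh-hostkeys' script.
# SSH_KEYGEN and all function names below are hypothetical.
SSH_KEYGEN="${SSH_KEYGEN:-ssh-keygen}"

# Succeeds if the installed ssh-keygen can create a key of type $1.
# The probe key is written to a throwaway directory and discarded.
keytype_supported() {
    probe_dir=$(mktemp -d) || return 1
    if "$SSH_KEYGEN" -q -t "$1" -N '' -f "$probe_dir/probe" >/dev/null 2>&1
    then rc=0
    else rc=1
    fi
    rm -rf "$probe_dir"
    return $rc
}

# Prints the supported host key types, space separated.
supported_keytypes() {
    out=''
    for t in rsa dsa ecdsa ed25519; do
        if keytype_supported "$t"; then
            out="$out${out:+ }$t"
        fi
    done
    printf '%s\n' "$out"
}

# Removes every host key pair found in $1 (default /etc/ssh), including
# types the script does not know about, so no key baked into the image
# survives. Then creates a fresh pair per supported type.
regenerate_hostkeys() {
    dir="${1:-/etc/ssh}"
    rm -f "$dir"/ssh_host_*_key "$dir"/ssh_host_*_key.pub
    for t in $(supported_keytypes); do
        "$SSH_KEYGEN" -q -t "$t" -N '' -f "$dir/ssh_host_${t}_key" || return 1
    done
}
```

Removing by the `ssh_host_*_key` glob rather than by a fixed list of types is what keeps a newly introduced key type from being shared across every instance booted from the same image.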