summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xdebian/rules4
1 files changed, 4 insertions, 0 deletions
diff --git a/debian/rules b/debian/rules
index 550306d..4fb3313 100755
--- a/debian/rules
+++ b/debian/rules
@@ -181,6 +181,10 @@ endif
debian/openssh-server/etc/ssh/moduli \
debian/openssh-client/etc/ssh/ssh_config
+ # Remove small Diffie-Hellman moduli
+ awk '$$5 >= 4095' debian/openssh-server/etc/ssh/moduli > debian/openssh-server/etc/ssh/moduli.tmp
+ mv -f debian/openssh-server/etc/ssh/moduli.tmp debian/openssh-server/etc/ssh/moduli
+
# We'd like to use dh_install --fail-missing here, but that doesn't work
# well in combination with dh-exec: it complains that files generated by
# dh-exec for architecture-dependent packages aren't installed.