Removing small diffie-hellman moduli.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
author: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-07 14:42:57 +0000
committer: Daniel Baumann <daniel.baumann@progress-linux.org> 2024-04-07 14:42:57 +0000
commit: 12f6ab5e22ea8a2f7a8589dd0a386dfccc7b05a6 (patch)
tree: a440f9779cae0fe0e34bcc1c468b5e7646b1106e
parent: Setting default ECDSA size in ssh-keygen to 521. (diff)
download: openssh-12f6ab5e22ea8a2f7a8589dd0a386dfccc7b05a6.tar.xz
openssh-12f6ab5e22ea8a2f7a8589dd0a386dfccc7b05a6.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/debian/rules b/debian/rules
index 18b2bf3..9dc2801 100755
--- a/debian/rules
+++ b/debian/rules
@@ -163,6 +163,10 @@ override_dh_install-arch:
 		debian/tmp/etc/ssh/ssh_config \
 		debian/tmp/etc/ssh/sshd_config
 
+	# Remove small Diffie-Hellman moduli
+	awk '$$5 >= 4095' debian/tmp/etc/ssh/moduli > debian/tmp/etc/ssh/moduli.tmp
+	mv -f debian/tmp/etc/ssh/moduli.tmp debian/tmp/etc/ssh/moduli
+
 	dh_install -Nopenssh-client-udeb -Nopenssh-server-udeb
 ifeq ($(filter noudeb,$(DEB_BUILD_PROFILES)),)
 	dh_install -popenssh-client-udeb -popenssh-server-udeb \
author	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-07 14:42:57 +0000
committer	Daniel Baumann <daniel.baumann@progress-linux.org>	2024-04-07 14:42:57 +0000
commit	12f6ab5e22ea8a2f7a8589dd0a386dfccc7b05a6 (patch)
tree	a440f9779cae0fe0e34bcc1c468b5e7646b1106e
parent	Setting default ECDSA size in ssh-keygen to 521. (diff)
download	openssh-12f6ab5e22ea8a2f7a8589dd0a386dfccc7b05a6.tar.xz openssh-12f6ab5e22ea8a2f7a8589dd0a386dfccc7b05a6.zip