src - OpenBSD base system

diff options


context:
space:
mode:

author	Damien Miller <djm@cvs.openbsd.org>	2015-01-08 10:15:46 +0000
committer	Damien Miller <djm@cvs.openbsd.org>	2015-01-08 10:15:46 +0000
commit	fd5ce5f7e5a353fdffac42e5b5bc87687509953e (patch)
tree	09a83b1c24941c1856d2bd8237a1229d6d59c091 /usr.bin/ssh
parent	8282f0bdc864c86fc63f7e4f3c655143dea8d8e4 (diff)

reorder hostbased key attempts to better match the default

hostkey algorithms order in myproposal.h; ok markus@

Diffstat (limited to 'usr.bin/ssh')

-rw-r--r--

usr.bin/ssh/ssh.c

1 files changed, 17 insertions, 17 deletions

diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c
index 346b94a2e36..67513c47dad 100644
--- a/usr.bin/ssh/ssh.c
+++ b/usr.bin/ssh/ssh.c

@@ -1,4 +1,4 @@

-/* $OpenBSD: ssh.c,v 1.410 2014/11/18 20:54:28 krw Exp $ */

+/* $OpenBSD: ssh.c,v 1.411 2015/01/08 10:15:45 djm Exp $ */

* Author: Tatu Ylonen <ylo@cs.hut.fi>

@@ -1113,22 +1113,22 @@ main(int ac, char **av)

PRIV_START;

sensitive_data.keys[0] = key_load_private_type(KEY_RSA1,

_PATH_HOST_KEY_FILE, "", NULL, NULL);

- sensitive_data.keys[1] = key_load_private_cert(KEY_DSA,

- _PATH_HOST_DSA_KEY_FILE, "", NULL);

- sensitive_data.keys[2] = key_load_private_cert(KEY_ECDSA,

+ sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA,

_PATH_HOST_ECDSA_KEY_FILE, "", NULL);

+ sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519,

+ _PATH_HOST_ED25519_KEY_FILE, "", NULL);

sensitive_data.keys[3] = key_load_private_cert(KEY_RSA,

_PATH_HOST_RSA_KEY_FILE, "", NULL);

- sensitive_data.keys[4] = key_load_private_cert(KEY_ED25519,

- _PATH_HOST_ED25519_KEY_FILE, "", NULL);

- sensitive_data.keys[5] = key_load_private_type(KEY_DSA,

- _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL);

- sensitive_data.keys[6] = key_load_private_type(KEY_ECDSA,

+ sensitive_data.keys[4] = key_load_private_cert(KEY_DSA,

+ _PATH_HOST_DSA_KEY_FILE, "", NULL);

+ sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA,

_PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL);

+ sensitive_data.keys[6] = key_load_private_type(KEY_ED25519,

+ _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL);

sensitive_data.keys[7] = key_load_private_type(KEY_RSA,

_PATH_HOST_RSA_KEY_FILE, "", NULL, NULL);

- sensitive_data.keys[8] = key_load_private_type(KEY_ED25519,

- _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL);

+ sensitive_data.keys[8] = key_load_private_type(KEY_DSA,

+ _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL);

PRIV_END;

if (options.hostbased_authentication == 1 &&

@@ -1138,21 +1138,21 @@ main(int ac, char **av)

sensitive_data.keys[7] == NULL &&

sensitive_data.keys[8] == NULL) {

sensitive_data.keys[1] = key_load_cert(

- _PATH_HOST_DSA_KEY_FILE);

- sensitive_data.keys[2] = key_load_cert(

_PATH_HOST_ECDSA_KEY_FILE);

+ sensitive_data.keys[2] = key_load_cert(

+ _PATH_HOST_ED25519_KEY_FILE);

sensitive_data.keys[3] = key_load_cert(

_PATH_HOST_RSA_KEY_FILE);

sensitive_data.keys[4] = key_load_cert(

- _PATH_HOST_ED25519_KEY_FILE);

+ _PATH_HOST_DSA_KEY_FILE);

sensitive_data.keys[5] = key_load_public(

- _PATH_HOST_DSA_KEY_FILE, NULL);

- sensitive_data.keys[6] = key_load_public(

_PATH_HOST_ECDSA_KEY_FILE, NULL);

+ sensitive_data.keys[6] = key_load_public(

+ _PATH_HOST_ED25519_KEY_FILE, NULL);

sensitive_data.keys[7] = key_load_public(

_PATH_HOST_RSA_KEY_FILE, NULL);

sensitive_data.keys[8] = key_load_public(

- _PATH_HOST_ED25519_KEY_FILE, NULL);

+ _PATH_HOST_DSA_KEY_FILE, NULL);

sensitive_data.external_keysign = 1;

}