domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

Only offer hostcertificates if they exist (#15849)

Browse source 
A common bug report is the otherwise harmless sshd logging:

```
Could not load host certificate "/data/ssh/ssh_host_ed25519_cert": No such file or directory
```

This PR simply checks if these files exist before creation of sshd_config and if
they do not exist, doesn't add a reference to them.

Fix #14110 amongst others.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
This commit is contained in:
zeripath 2021-05-13 13:11:28 +01:00 committed by GitHub
parent 52f8dcda43
commit 0ada74edbc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 24 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
docker/root/etc/templates/sshd_config
View file

@ -8,13 +8,13 @@ ListenAddress ::
LogLevel INFO
HostKey /data/ssh/ssh_host_ed25519_key
HostCertificate /data/ssh/ssh_host_ed25519_cert
${SSH_ED25519_CERT}
HostKey /data/ssh/ssh_host_rsa_key
HostCertificate /data/ssh/ssh_host_rsa_cert
${SSH_RSA_CERT}
HostKey /data/ssh/ssh_host_ecdsa_key
HostCertificate /data/ssh/ssh_host_ecdsa_cert
${SSH_ECDSA_CERT}
HostKey /data/ssh/ssh_host_dsa_key
HostCertificate /data/ssh/ssh_host_dsa_cert
${SSH_DSA_CERT}
AuthorizedKeysFile .ssh/authorized_keys
AuthorizedPrincipalsFile .ssh/authorized_principals