Branch: refs/heads/master
Home: https://github.com/NixOS/nixpkgs
Commit: 86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e
https://github.com/NixOS/nixpkgs/commit/86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e
Author: Peter Simons <[email protected]>
Date: 2015-05-22 (Fri, 22 May 2015)
Changed paths:
M nixos/modules/services/networking/ssh/sshd.nix
Log Message:
-----------
nixos: add config.services.openssh.moduliFile option so that users can
replace the default file from OpenSSH
The man page for ssh-keygen(1) has a section "MODULI GENERATION" that describes
how to generate your own moduli file. The following script might also be
helpful:
| #! /usr/bin/env bash
|
| moduliFiles=()
|
| generateModuli()
| {
| ssh-keygen -G "moduli-$1.candidates" -b "$1"
| ssh-keygen -T "moduli-$1" -f "moduli-$1.candidates"
| rm "moduli-$1.candidates"
| }
|
| for (( i=0 ; i <= 16 ; ++i )); do
| let bitSize="2048 + i * 128"
| generateModuli "$bitSize" &
| moduliFiles+=( "moduli-$bitSize" )
| done
| wait
|
| echo >moduli "# Time Type Tests Tries Size Generator Modulus"
| cat >>moduli "${moduliFiles[@]}"
| rm "${moduliFiles[@]}"
Note that generating moduli takes a long time, i.e. several hours on a fast
machine!
This patch resolves https://github.com/NixOS/nixpkgs/pull/5870.
Commit: 50fa9d8eeab5e90e8d673c5d65a0af2a7c57b2fe
https://github.com/NixOS/nixpkgs/commit/50fa9d8eeab5e90e8d673c5d65a0af2a7c57b2fe
Author: Peter Simons <[email protected]>
Date: 2015-05-22 (Fri, 22 May 2015)
Changed paths:
M nixos/modules/services/networking/ssh/sshd.nix
Log Message:
-----------
Merge pull request #7941 from peti/allow-custom-ssh-moduli-file
nixos: add config.services.openssh.moduliFile option so that users can replace
the default file from OpenSSH
Compare: https://github.com/NixOS/nixpkgs/compare/06f3c4dba547...50fa9d8eeab5_______________________________________________
nix-commits mailing list
[email protected]
http://lists.science.uu.nl/mailman/listinfo/nix-commits
