From 2bc8def078639dbaec99bc4ea5f58782f4d7decf Mon Sep 17 00:00:00 2001 From: Jamie Cameron Date: Sat, 17 Sep 2022 16:40:12 -0700 Subject: [PATCH] Use ed25519 key if supported https://github.com/webmin/webmin/issues/1739 --- sshd/sshd-lib.pl | 11 +++++++++++ sshd/useradmin_update.pl | 9 ++++----- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/sshd/sshd-lib.pl b/sshd/sshd-lib.pl index caa938c09..5989aed60 100755 --- a/sshd/sshd-lib.pl +++ b/sshd/sshd-lib.pl @@ -377,5 +377,16 @@ return &ui_radio($name, lc($value) eq 'yes' ? 1 : [ 2, $text{'default'} ] ]); } +sub get_preferred_key_type +{ +if ($version{'type'} eq 'openssh' && $version{'number'} >= 6.5) { + return "ed25519"; + } +if ($version{'type'} eq 'openssh' && $version{'number'} >= 3.2) { + return "rsa1"; + } +return undef; +} + 1; diff --git a/sshd/useradmin_update.pl b/sshd/useradmin_update.pl index 7cd11f574..2852ade80 100755 --- a/sshd/useradmin_update.pl +++ b/sshd/useradmin_update.pl @@ -9,15 +9,14 @@ my ($uinfo) = @_; if ($config{'sync_create'} && &has_command($config{'keygen_path'}) && -d $uinfo->{'home'} && !-d "$uinfo->{'home'}/.ssh") { local $cmd; - local $type = $config{'sync_type'} ? "-t $config{'sync_type'}" : - $version{'type'} eq 'openssh' && - $version{'number'} >= 3.2 ? "-t rsa1" : ""; + local $type = $config{'sync_type'} || &get_preferred_key_type(); + local $tflag = $type ? "-t $type" : ""; if ($config{'sync_pass'} && $uinfo->{'passmode'} == 3) { - $cmd = "$config{'keygen_path'} $type -P ". + $cmd = "$config{'keygen_path'} $tflag -P ". quotemeta($uinfo->{'plainpass'}); } else { - $cmd = "$config{'keygen_path'} $type -P \"\""; + $cmd = "$config{'keygen_path'} $tflag -P \"\""; } &system_logged("echo '' | ".&command_as_user($uinfo->{'user'}, 0, $cmd). " >/dev/null 2>&1");