mirror/infrastructure
1
1
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/infrastructure.git synced 2025-01-18 08:06:16 +01:00
Code Issues
fix/tempo
infrastructure/docs
History
Kristian Klausen 9d229b847a
Remove not used DSA host keys 
It has been disabled client side since 7.0[1] (2015-08-11), server side
since 7.7[2][3] (2018-04-02), default DSA host key generation has been
disabled since 9.1[4] (2022-10-04) and with 9.8[5] (2024-07-01) DSA
support is disabled by default at compile time. In other words, DSA has
de facto been disabled (by default) for years.

From the 9.8 release notes[5]:
"OpenSSH plans to remove support for the DSA signature algorithm in
early 2025"

The DSA host keys have been removed on our servers by running[6]:
ansible all -a "rm /etc/ssh/ssh_host_dsa_key /etc/ssh/ssh_host_dsa_key.pub"

[1] https://www.openssh.com/txt/release-7.0
[2] https://bugzilla.mindrot.org/show_bug.cgi?id=2662
[3] 88c50a5ae2
[4] https://www.openssh.com/txt/release-9.1
[5] https://www.openssh.com/txt/release-9.8
[6] https://gitlab.archlinux.org/archlinux/infrastructure/-/issues/596#note_203938

Fix #596
2024-08-18 15:38:25 +02:00
..
backups.md borg_client: refactor database related vars/tasks 2024-03-30 19:08:37 +02:00
banning.md Update banning docs for wireguard 2021-08-01 17:03:00 +02:00
becoming-devops.md docs: Make the Junior DevOs program mandatory 2024-08-17 21:40:14 +02:00
email.md aurweb/rspamd: append .vault to vaulted secrets 2022-09-17 22:10:08 +03:00
fail2ban.md Rate limit archlinux.org and fail2ban abusers 2021-07-11 21:10:38 +02:00
geomirrors.md acme_dns_challenge: turn into more generic dyn_dns 2023-08-18 19:30:52 +03:00
grafana.md Document adding a dashboard to our public instance 2021-05-15 18:08:25 +02:00
grow-disks.md Adapt to new Hetzner plans[1] for lower cost and better specs! 2024-06-30 18:46:57 +02:00
ipmi.md doc: clean up the markdown formatting 2022-02-23 20:45:48 +00:00
kape.md Make Kape archive servers, arch mirrors as well. 2021-01-26 16:56:41 +01:00
maintenance.md archweb: Add support for legacy domains 2024-07-28 02:55:19 +02:00
matrix.md docs: Update matrix docs 2023-09-13 20:51:59 +02:00
monitoring.md Remove [node_exporters]/[wireguard] from inventory 2022-05-12 19:40:49 +03:00
otp.md Add Vagrant Cloud account 2022-05-29 21:20:06 +02:00
quassel.md Fix quassel migration 2024-07-20 13:09:28 +02:00
rebuilderd.md Add Kape donated servers 2020-12-07 20:28:55 +01:00
servers.md Decommission bugs.archlinux.org and replace it with a static copy[1] 2024-02-10 17:07:38 +01:00
ssh-hostkeys.txt Remove not used DSA host keys 2024-08-18 15:38:25 +02:00
ssh-known_hosts.txt docs: Sync ssh host keys and known hosts 2024-04-08 02:23:33 +02:00
testing.md add docs/testing.md 2021-04-26 23:37:30 +00:00
vault-rekeying.md Move highly sensitive secrets to new "super" vault 2022-05-07 17:45:19 +03:00
wireguard.md docs: add wireguard docs 2023-06-22 08:26:11 +01:00