1
1
mirror of https://github.com/go-gitea/gitea synced 2025-01-31 03:54:28 +00:00

9 Commits

Author SHA1 Message Date
mainboarder
c533991519
Expanded minimum RSA Keylength to 3072 ()
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-28 00:53:16 +00:00
Xinyu Zhou
f17edfaf5a
Remove deprecated DSA host key from Docker Container ()
Since OpenSSH 7.0 and greater similarly disable the ssh-dss (DSA) public
key algorithm, and recommend against its use.
http://www.openssh.com/legacy.html

## ⚠️ BREAKING ⚠️

This patch will remove DSA host key form OpenSSH daemon configuration
file.

Signed-off-by: baronbunny <its@baronbunny.cn>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-11-03 19:49:12 +08:00
Thomas Andrade
4a295d4a6c
feat: Add support for extra sshd_config parameters via 'Include' file ()
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-05-31 14:42:19 -04:00
Gusted
ba5f2acb9c
Configure OpenSSH log level via Environment in Docker ()
Introduce a new environment variable: SSH_LOG_LEVEL
2022-03-31 11:15:36 +08:00
zeripath
8947422781
Fix bug due to missing MaxStartups and MaxSessions ()
Unforunately  makes these settings mandatory. This PR uses the same technique
as used for the certificates to make these settings non-mandatory.

Fix 

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-06-01 15:55:17 -04:00
zeripath
0ada74edbc
Only offer hostcertificates if they exist ()
A common bug report is the otherwise harmless sshd logging:

```
Could not load host certificate "/data/ssh/ssh_host_ed25519_cert": No such file or directory
```

This PR simply checks if these files exist before creation of sshd_config and if
they do not exist, doesn't add a reference to them.

Fix  amongst others.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-05-13 15:11:28 +03:00
zeripath
0a96e59884 Fix by making openssh listen on SSH_LISTEN_PORT not SSH_PORT () 2019-10-12 23:45:00 +08:00
Christopher Thomas
75d4414386 Implement the ability to change the ssh port to match what is in the gitea config ()
* - rearrange the templates to make it more logical because now ssh_config is a template
- implemented the updating of the port to the same as the port sent to the gitea config

* change the filename back
2019-07-06 21:57:53 -04:00
Jakob Ackermann
dab38c375d [docker] drop the docker Makefile from the image () 2019-05-05 22:49:32 -04:00