[Nix-dev] SECURITY: default SSH host keys are weak

Fri Aug 23 14:38:55 CEST 2013

В письме от Пятница 23 августа 2013 14:19:49 пользователь Marc Weber написал:
> Or raise an exception unless a new option such as
> allowWeakKeyTypes is set to true.

Can't be done because keys aren't generated during the build time and could 
have been inherited from other system in fact.

> There is a way to write assertions, grep for assertion in nixos.
> 
> I'd like to to see such issues treated seriously and force the right
> thing unless the admin really opts out.

Thus, I'm giving a short notice to people who don't want surprises and then 
the default change will trigger generation of a new key.