diff options
| author |   djm <djm@openbsd.org> | 2015-01-08 10:15:45 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2015-01-08 10:15:45 +0000 |
| commit | b60a4613831c6daf14ad425979c5f6c06080c2e3 (patch) | |
| tree | 3d4a02805e004ff3bd0075d16d4f7f7ccbab4db3 /usr.bin/ssh/ssh.c | |
| parent | deprecate key_load_private_pem() and sshkey_load_private_pem() (diff) | |
| download | wireguard-openbsd-b60a4613831c6daf14ad425979c5f6c06080c2e3.tar.xz wireguard-openbsd-b60a4613831c6daf14ad425979c5f6c06080c2e3.zip | |
reorder hostbased key attempts to better match the default
hostkey algorithms order in myproposal.h; ok markus@
Diffstat (limited to 'usr.bin/ssh/ssh.c')
| -rw-r--r-- | usr.bin/ssh/ssh.c | 34 |
1 files changed, 17 insertions, 17 deletions
diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 346b94a2e36..67513c47dad 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.410 2014/11/18 20:54:28 krw Exp $ */ +/* $OpenBSD: ssh.c,v 1.411 2015/01/08 10:15:45 djm Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -1113,22 +1113,22 @@ main(int ac, char **av) PRIV_START; sensitive_data.keys[0] = key_load_private_type(KEY_RSA1, _PATH_HOST_KEY_FILE, "", NULL, NULL); - sensitive_data.keys[1] = key_load_private_cert(KEY_DSA, - _PATH_HOST_DSA_KEY_FILE, "", NULL); - sensitive_data.keys[2] = key_load_private_cert(KEY_ECDSA, + sensitive_data.keys[1] = key_load_private_cert(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, "", NULL); + sensitive_data.keys[2] = key_load_private_cert(KEY_ED25519, + _PATH_HOST_ED25519_KEY_FILE, "", NULL); sensitive_data.keys[3] = key_load_private_cert(KEY_RSA, _PATH_HOST_RSA_KEY_FILE, "", NULL); - sensitive_data.keys[4] = key_load_private_cert(KEY_ED25519, - _PATH_HOST_ED25519_KEY_FILE, "", NULL); - sensitive_data.keys[5] = key_load_private_type(KEY_DSA, - _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); - sensitive_data.keys[6] = key_load_private_type(KEY_ECDSA, + sensitive_data.keys[4] = key_load_private_cert(KEY_DSA, + _PATH_HOST_DSA_KEY_FILE, "", NULL); + sensitive_data.keys[5] = key_load_private_type(KEY_ECDSA, _PATH_HOST_ECDSA_KEY_FILE, "", NULL, NULL); + sensitive_data.keys[6] = key_load_private_type(KEY_ED25519, + _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); sensitive_data.keys[7] = key_load_private_type(KEY_RSA, _PATH_HOST_RSA_KEY_FILE, "", NULL, NULL); - sensitive_data.keys[8] = key_load_private_type(KEY_ED25519, - _PATH_HOST_ED25519_KEY_FILE, "", NULL, NULL); + sensitive_data.keys[8] = key_load_private_type(KEY_DSA, + _PATH_HOST_DSA_KEY_FILE, "", NULL, NULL); PRIV_END; if (options.hostbased_authentication == 1 && @@ -1138,21 +1138,21 @@ main(int ac, char **av) sensitive_data.keys[7] == NULL && sensitive_data.keys[8] == NULL) { sensitive_data.keys[1] = key_load_cert( - _PATH_HOST_DSA_KEY_FILE); - sensitive_data.keys[2] = key_load_cert( _PATH_HOST_ECDSA_KEY_FILE); + sensitive_data.keys[2] = key_load_cert( + _PATH_HOST_ED25519_KEY_FILE); sensitive_data.keys[3] = key_load_cert( _PATH_HOST_RSA_KEY_FILE); sensitive_data.keys[4] = key_load_cert( - _PATH_HOST_ED25519_KEY_FILE); + _PATH_HOST_DSA_KEY_FILE); sensitive_data.keys[5] = key_load_public( - _PATH_HOST_DSA_KEY_FILE, NULL); - sensitive_data.keys[6] = key_load_public( _PATH_HOST_ECDSA_KEY_FILE, NULL); + sensitive_data.keys[6] = key_load_public( + _PATH_HOST_ED25519_KEY_FILE, NULL); sensitive_data.keys[7] = key_load_public( _PATH_HOST_RSA_KEY_FILE, NULL); sensitive_data.keys[8] = key_load_public( - _PATH_HOST_ED25519_KEY_FILE, NULL); + _PATH_HOST_DSA_KEY_FILE, NULL); sensitive_data.external_keysign = 1; } } |