diff options
| author | Peter Simons <simons@cryp.to> | 2015-05-22 14:23:21 +0200 |
|---|---|---|
| committer | Peter Simons <simons@cryp.to> | 2015-05-22 16:28:45 +0200 |
| commit | 86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e (patch) | |
| tree | ca9a5292dadcd09192f0ad214e8a7ec15cf0fb77 /pkgs/applications/misc | |
| parent | 0c35edb25c80be61be50e2fb8ad1195a573d762e (diff) | |
| download | nixlib-86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e.tar nixlib-86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e.tar.gz nixlib-86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e.tar.bz2 nixlib-86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e.tar.lz nixlib-86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e.tar.xz nixlib-86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e.tar.zst nixlib-86d299bc6ec739702c5c8d2aae3e2d6b2bb94b1e.zip | |
nixos: add config.services.openssh.moduliFile option so that users can replace the default file from OpenSSH
The man page for ssh-keygen(1) has a section "MODULI GENERATION" that describes
how to generate your own moduli file. The following script might also be helpful:
| #! /usr/bin/env bash
|
| moduliFiles=()
|
| generateModuli()
| {
| ssh-keygen -G "moduli-$1.candidates" -b "$1"
| ssh-keygen -T "moduli-$1" -f "moduli-$1.candidates"
| rm "moduli-$1.candidates"
| }
|
| for (( i=0 ; i <= 16 ; ++i )); do
| let bitSize="2048 + i * 128"
| generateModuli "$bitSize" &
| moduliFiles+=( "moduli-$bitSize" )
| done
| wait
|
| echo >moduli "# Time Type Tests Tries Size Generator Modulus"
| cat >>moduli "${moduliFiles[@]}"
| rm "${moduliFiles[@]}"
Note that generating moduli takes a long time, i.e. several hours on a fast
machine!
This patch resolves https://github.com/NixOS/nixpkgs/pull/5870.
Diffstat (limited to 'pkgs/applications/misc')
0 files changed, 0 insertions, 0 deletions