3
0
Fork 0
forked from mirrors/nixpkgs

nixos/openssh: Drop deprecated locations

The changelog entry should give a good indication why I don't think this
is necessary anymore.
This commit is contained in:
Janne Heß 2023-04-13 13:56:08 +02:00
parent 490601e157
commit 98c3d190b2
No known key found for this signature in database
3 changed files with 8 additions and 5 deletions

View file

@ -123,6 +123,10 @@ In addition to numerous new and upgraded packages, this release has the followin
- The `ssh` client tool now disables the `~C` escape sequence by default. This can be re-enabled by setting `EnableEscapeCommandline yes` - The `ssh` client tool now disables the `~C` escape sequence by default. This can be re-enabled by setting `EnableEscapeCommandline yes`
- The `ssh` module does not read `/etc/ssh/ssh_known_hosts2` anymore since this location is [deprecated since 2001](https://marc.info/?l=openssh-unix-dev&m=100508718416162&w=2).
- The openssh module does not read `~/.ssh/authorized_keys2` anymore since this location is [deprecated since 2001](https://marc.info/?l=openssh-unix-dev&m=100508718416162&w=2).
- `podman` now uses the `netavark` network stack. Users will need to delete all of their local containers, images, volumes, etc, by running `podman system reset --force` once before upgrading their systems. - `podman` now uses the `netavark` network stack. Users will need to delete all of their local containers, images, volumes, etc, by running `podman system reset --force` once before upgrading their systems.
- `git-bug` has been updated to at least version 0.8.0, which includes backwards incompatible changes. The `git-bug-migration` package can be used to upgrade existing repositories. - `git-bug` has been updated to at least version 0.8.0, which includes backwards incompatible changes. The `git-bug-migration` package can be used to upgrade existing repositories.

View file

@ -26,7 +26,7 @@ let
+ (if h.publicKey != null then h.publicKey else readFile h.publicKeyFile) + (if h.publicKey != null then h.publicKey else readFile h.publicKeyFile)
)) + "\n"; )) + "\n";
knownHostsFiles = [ "/etc/ssh/ssh_known_hosts" "/etc/ssh/ssh_known_hosts2" ] knownHostsFiles = [ "/etc/ssh/ssh_known_hosts" ]
++ map pkgs.copyPathToStore cfg.knownHostsFiles; ++ map pkgs.copyPathToStore cfg.knownHostsFiles;
in in
@ -232,9 +232,8 @@ in
description = lib.mdDoc '' description = lib.mdDoc ''
Files containing SSH host keys to set as global known hosts. Files containing SSH host keys to set as global known hosts.
`/etc/ssh/ssh_known_hosts` (which is `/etc/ssh/ssh_known_hosts` (which is
generated by {option}`programs.ssh.knownHosts`) and generated by {option}`programs.ssh.knownHosts`) is
`/etc/ssh/ssh_known_hosts2` are always always included.
included.
''; '';
example = literalExpression '' example = literalExpression ''
[ [

View file

@ -536,7 +536,7 @@ in
# https://github.com/NixOS/nixpkgs/pull/10155 # https://github.com/NixOS/nixpkgs/pull/10155
# https://github.com/NixOS/nixpkgs/pull/41745 # https://github.com/NixOS/nixpkgs/pull/41745
services.openssh.authorizedKeysFiles = services.openssh.authorizedKeysFiles =
[ "%h/.ssh/authorized_keys" "%h/.ssh/authorized_keys2" "/etc/ssh/authorized_keys.d/%u" ]; [ "%h/.ssh/authorized_keys" "/etc/ssh/authorized_keys.d/%u" ];
services.openssh.extraConfig = mkOrder 0 services.openssh.extraConfig = mkOrder 0
'' ''