
From: Loganaden Velvindron <loganaden@gmail.com>
Subject: Re: Add ML-DSA-44 / Ed25519 hybrid SSH host keys to changelist and mtree
To: Bjorn Ketelaars <bket@openbsd.org>
Cc: tech <tech@openbsd.org>
Date: Fri, 26 Jun 2026 19:07:28 +0400

Makes sense.


On Fri, 26 Jun 2026, 18:41 Bjorn Ketelaars, <bket@openbsd.org> wrote:

> With OpenSSH introducing ML-DSA-44 / Ed25519 hybrid host keys, they
> probably need to be tracked in /etc/changelist and /etc/mtree/special.
>
> Diff below adds the new host keys with the appropriate permissions (0600
> for the private key, 0644 for the public key) and marks them as
> optional.
>
> Comments / OK?
>
>
>
> diff --git etc/changelist etc/changelist
> index 0dc0188b184..a1e2b12412d 100644
> --- etc/changelist
> +++ etc/changelist
> @@ -145,6 +145,8 @@
>  /etc/ssh/ssh_host_ed25519_key.pub
>  +/etc/ssh/ssh_host_key
>  /etc/ssh/ssh_host_key.pub
> ++/etc/ssh/ssh_host_mldsa44_ed25519_key
> +/etc/ssh/ssh_host_mldsa44_ed25519_key.pub
>  +/etc/ssh/ssh_host_rsa_key
>  /etc/ssh/ssh_host_rsa_key.pub
>  /etc/ssh/sshd_config
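
Review bot: In the etc/changelist hunk the description does not cover the leading `+` on the private key entry: the key is added as `+/etc/ssh/ssh_host_mldsa44_ed25519_key`, matching the neighbouring `+/etc/ssh/ssh_host_key` and `+/etc/ssh/ssh_host_rsa_key` lines, while the message mentions only the modes and `optional`. Suggest stating in the commit message that the private key is listed with the `+` prefix (checksum-only handling per changelist(5)) and the `.pub` file without it, so the difference between the two added lines reads as deliberate. Sort order between `ssh_host_key.pub` and `ssh_host_rsa_key` is kept.
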
> diff --git etc/mtree/special etc/mtree/special
> index 05e89c65e23..34dde68bb36 100644
> --- etc/mtree/special
> +++ etc/mtree/special
> @@ -106,6 +106,8 @@ ssh_host_ed25519_key        type=file mode=0600
> uname=root gname=wheel optional
>  ssh_host_ed25519_key.pub       type=file mode=0644 uname=root gname=wheel
> optional
>  ssh_host_key   type=file mode=0600 uname=root gname=wheel optional
>  ssh_host_key.pub       type=file mode=0644 uname=root gname=wheel optional
> +ssh_host_mldsa44_ed25519_key   type=file mode=0600 uname=root gname=wheel
> optional
> +ssh_host_mldsa44_ed25519_key.pub       type=file mode=0644 uname=root
> gname=wheel optional
>  ssh_host_rsa_key       type=file mode=0600 uname=root gname=wheel optional
>  ssh_host_rsa_key.pub   type=file mode=0644 uname=root gname=wheel optional
>  sshd_config    type=file mode=0644 uname=root gname=wheel
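
Review bot: The two added entries in the etc/mtree/special hunk are line-wrapped in this quoted copy (`optional` and `gname=wheel optional` sit on their own lines, as do parts of the `@@` context), so the hunk will not apply as shown here; take the diff from the original message when testing or committing. Content-wise the new lines follow the adjacent entries: `mode=0600` for the private key, `mode=0644` for the `.pub` file, both `uname=root gname=wheel optional`, placed in order between `ssh_host_key.pub` and `ssh_host_rsa_key`.
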
>
>
>