software/proftpd: fix after openssl3.0

We can't generate key of type dsa anymore.

This is a fixup of aae4a7c0.

software/proftpd/buildout.hash.cfg

@@ -19,8 +19,8 @@ md5sum = 7f9749ab75475bd5d98be27a570c7731
 
 [instance-default]
 filename = instance-default.cfg.in
-md5sum = 49167e0b289a87723c3108c4dc4fa8b5
+md5sum = 65c9ca38322af7b825cd2f78db5fccd4
 
 [proftpd-config-file]
 filename = proftpd-config-file.cfg.in
-md5sum = 82cc600f4fce9852370f9d1f7c4cd3a6
+md5sum = 934317a31c6e9e7bd6a3b0f3e8508367

software/proftpd/instance-default.cfg.in

@@ -65,7 +65,6 @@ sftp-log=${directory:log}/proftpd-sftp.log
 xfer-log=${directory:log}/proftpd-xfer.log
 ban-log=${directory:log}/proftpd-ban.log
 ssh-host-rsa-key=${ssh-host-rsa-key:output}
-ssh-host-dsa-key=${ssh-host-dsa-key:output}
 ssh-host-ecdsa-key=${ssh-host-ecdsa-key:output}
 ssh-authorized-key = ${ssh-authorized-keys:output}
 ban-table=${directory:srv}/proftpd-ban-table
@@ -118,9 +117,6 @@ command = {{ ssh_keygen_bin }} -f ${:output} -N '' ${:extra-args}
 [ssh-host-rsa-key]
 <=ssh-keygen-base
 extra-args=-t rsa
-[ssh-host-dsa-key]
-<=ssh-keygen-base
-extra-args=-t dsa
 [ssh-host-ecdsa-key]
 <=ssh-keygen-base
 extra-args=-t ecdsa -b 521

software/proftpd/proftpd-config-file.cfg.in

@@ -18,7 +18,6 @@ AllowOverwrite on
 # SFTP
 SFTPEngine on
 SFTPHostKey {{ proftpd['ssh-host-rsa-key'] }}
-SFTPHostKey {{ proftpd['ssh-host-dsa-key'] }}
 SFTPHostKey {{ proftpd['ssh-host-ecdsa-key'] }}
 SFTPAuthorizedUserKeys file:{{ proftpd['ssh-authorized-key'] }}
 

[Jérome Perrin]

it seems openssh in ors-amarisoft needs a similar fix, we have promise failing in the test:

================================================================================
2024-07-12 04:23:38 slapos[254246] INFO Error with promises for the following partitions:
2024-07-12 04:23:38 slapos[254246] INFO   TestUEsim_RUMultiType4-0[ue]: Promise 'sshd.py' failed with output: ConnectionRefusedError: [Errno 111] Connection refused

and in the sshd log

/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.
/srv/slapgrid/slappart0/t/eoc/i/0/tmp/inst/TestUEsim_RUMultiType4-0/etc/sshd.conf line 9: Bad key types 'ssh-rsa,ssh-dss,rsa-sha2-512,rsa-sha2-256,ecdsa-sha2-nistp521'.

[Jérome Perrin]

mmh not exactly the same, but this seems because of a version up, maybe openssl or openssh where old keys types are no longer allowed.

[Thomas Gambier]

I already did the fix (tomo/slapos@df0f2f49) and I launched the test (https://erp5js.nexedi.net/#/test_result_module/20240711-C980FDC6/38) which passes :)

I'll push this in master.

[Thomas Gambier]

Done in df0f2f49

[Jérome Perrin]

This was a bug fixed quickly 😄