svn commit: r294495 - in head: . crypto/openssh
Conrad Meyer
cem at FreeBSD.org
Thu Jan 21 18:35:12 UTC 2016
On Thu, Jan 21, 2016 at 3:10 AM, Dag-Erling Smørgrav <des at freebsd.org> wrote:
> Author: des
> Date: Thu Jan 21 11:10:14 2016
> New Revision: 294495
> URL: https://svnweb.freebsd.org/changeset/base/294495
>
> Log:
> Enable DSA keys by default. They were disabled in OpenSSH 6.9p1.
Are we going to maintain DSA key support after upstream deprecates it
entirely? And why?
"""
Future Deprecation Notice
=========================
The 7.0 release of OpenSSH, due for release in late July, will
deprecate several features, some of which may affect compatibility
or existing configurations. The intended changes are as follows:
...
* Support for ssh-dss, ssh-dss-cert-* host and user keys will be
run-time disabled by default.
"""
http://www.openssh.com/txt/release-6.9
"OpenSSH 7.0 and greater similarly disables the ssh-dss (DSA) public
key algorithm. It too is weak and we recommend against its use."
http://www.openssh.com/legacy.html
Best,
Conrad
More information about the svn-src-all
mailing list