[packages/openssh] allow dsa keys also client side, enable by default
Arkadiusz Miśkiewicz
arekm at maven.pl
Tue Oct 6 09:57:00 CEST 2015
On Tuesday 06 of October 2015, glen wrote:
> commit 0c97474bafebbdc86d13d41624a85cccc55c02e0
> Author: Elan Ruusamäe <glen at delfi.ee>
> Date: Tue Oct 6 10:04:54 2015 +0300
>
> allow dsa keys also client side, enable by default
>
> openssh-config.patch | 6 ++++--
> openssh.spec | 2 +-
> 2 files changed, 5 insertions(+), 3 deletions(-)
That change is harmful. With this change people won't notice that DSA is to be
dropped, won't migrate from DSA keys and will end up with big problem when
finally openssh team drops DSA support.
Please revert it (at least revert on client side; server side could enable DSA
keys for a while), so people WILL notice and will migrate to RSA/ECDSA keys.
> @@ -22,7 +22,7 @@
> +PermitEmptyPasswords no
> +
> +# Allow DSA keys
> -+#PubkeyAcceptedKeyTypes +ssh-dss
> ++PubkeyAcceptedKeyTypes +ssh-dss
> ++ # Allow DSA keys
> ++ PubkeyAcceptedKeyTypes +ssh-dss
> +# Send locale-related environment variables, also pass some GIT vars
--
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
More information about the pld-devel-en
mailing list