[packages/openssh] allow dsa keys also client side, enable by default
Arkadiusz Miśkiewicz
arekm at maven.pl
Tue Oct 6 10:12:39 CEST 2015
On Tuesday 06 of October 2015, Elan Ruusamäe wrote:
> On 06.10.2015 10:57, Arkadiusz Miśkiewicz wrote:
> > On Tuesday 06 of October 2015, glen wrote:
> >> commit 0c97474bafebbdc86d13d41624a85cccc55c02e0
> >> Author: Elan Ruusamäe <glen at delfi.ee>
> >> Date: Tue Oct 6 10:04:54 2015 +0300
> >>
> >> allow dsa keys also client side, enable by default
> >>
> >> openssh-config.patch | 6 ++++--
> >> openssh.spec | 2 +-
> >> 2 files changed, 5 insertions(+), 3 deletions(-)
> >
> > That change is harmful. With this change people won't notice that DSA is
> > to be dropped, won't migrate from DSA keys and will end up with big
> > problem when finally openssh team drops DSA support.
> >
> > Please revert it (at least revert on client side; server side could
> > enable DSA keys for a while), so people WILL notice and will migrate to
> > RSA/ECDSA keys.
>
> shouldn't it be opposite?
>
It should be exactly like that:
> a) allow in server
> b) disable in client
revert on client side means go back to default on client == dsa disabled
--
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )
More information about the pld-devel-en
mailing list