[packages/openssh] allow dsa keys also client side, enable by default

Arkadiusz Miśkiewicz arekm at maven.pl
Tue Oct 6 10:12:39 CEST 2015


On Tuesday 06 of October 2015, Elan Ruusamäe wrote:
> On 06.10.2015 10:57, Arkadiusz Miśkiewicz wrote:
> > On Tuesday 06 of October 2015, glen wrote:
> >> commit 0c97474bafebbdc86d13d41624a85cccc55c02e0
> >> Author: Elan Ruusamäe <glen at delfi.ee>
> >> Date:   Tue Oct 6 10:04:54 2015 +0300
> >> 
> >>      allow dsa keys also client side, enable by default
> >>   
> >>   openssh-config.patch | 6 ++++--
> >>   openssh.spec         | 2 +-
> >>   2 files changed, 5 insertions(+), 3 deletions(-)
> > 
> > That change is harmful. With this change people won't notice that DSA is
> > to be dropped, won't migrate from DSA keys and will end up with big
> > problem when finally openssh team drops DSA support.
> > 
> > Please revert it (at least revert on client side; server side could
> > enable DSA keys for a while), so people WILL notice and will migrate to
> > RSA/ECDSA keys.
> 
> shouldn't it be opposite?
>

It should be exactly like that:
 
> a) allow in server
> b) disable in client

revert on client side means go back to default on client == dsa disabled

-- 
Arkadiusz Miśkiewicz, arekm / ( maven.pl | pld-linux.org )


More information about the pld-devel-en mailing list