On Tue, 1 Apr 2025 at 20:40, Christian Weisgerber <na...@mips.inka.de> wrote: > > Christian Weisgerber: > > > If OpenSSH upstream stick to the published schedule, version 9.9 > > that is now in 13-STABLE/14-STABLE/15-CURRENT will be the _final_ > > release that even includes the DSA code. > > Subject: Call for testing: OpenSSH 10.0 > [...] > Potentially-incompatible changes > -------------------------------- > > * This release removes support for the weak DSA signature > algorithm, completing the deprecation process that began in > 2015 (when DSA was disabled by default) and repeatedly warned > over the the last 12 months. > [...] > > https://lists.mindrot.org/pipermail/openssh-unix-dev/2025-April/041855.html
I'm preparing to import OpenSSH 10.0 into the FreeBSD base system, and intend to merge the DSA removal separately in advance. Two reviews are open for this: - https://reviews.freebsd.org/D49739 - https://reviews.freebsd.org/D49740 (rc.d/sshd update from jlduran)
