Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Markus Falb
> On 09.09.2021, at 20:01, Ed Maste wrote: > > OpenSSH will disable the ssh-rsa signature scheme by default in the > next release. > > ... > > To check whether a server is using the weak ssh-rsa public key > algorithm, for host authentication, try to connect to it after > removing the ssh-rs

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Karl Denninger
On 9/12/2021 10:02, Markus Falb wrote: On 09.09.2021, at 20:01, Ed Maste wrote: OpenSSH will disable the ssh-rsa signature scheme by default in the next release. ... To check whether a server is using the weak ssh-rsa public key algorithm, for host authentication, try to connect to it after r

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Leif Pedersen
I agree with Karl. To further the point: "Secure by default" is a good idea, so removing ssh-rsa from the default list makes sense to alert people if it's still in use. Management ports for power strips, switches, UPSs, generators, thermostats, radios, etc should already be isolated on a separate

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Christian Weisgerber
On 2021-09-12, Leif Pedersen wrote: > Management ports for power strips, switches, UPSs, generators, thermostats, > radios, etc should already be isolated on a separate vlan or whatever. In which case you can just use telnet(1). -- Christian "naddy" Weisgerber na...@mi

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Leif Pedersen
On Sun, Sep 12, 2021, 2:45 PM Christian Weisgerber wrote: > On 2021-09-12, Leif Pedersen wrote: > > > Management ports for power strips, switches, UPSs, generators, > thermostats, > > radios, etc should already be isolated on a separate vlan or whatever. > > In which case you can just use telnet

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Michael Grimm via freebsd-security
Leif Pedersen wrote > "Secure by default" is a good idea, so removing ssh-rsa from the default > list makes sense to alert people if it's still in use. Very much: ACK Regards, Michael

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Gordon Tetlow via freebsd-security
> On Sep 12, 2021, at 7:40 AM, Karl Denninger wrote: > > I have in the field a BUNCH of "smart" rack power strips that have this > problem; their management firmware does NOT support more-modern cipher sets > and SSL requirements. I get it, those older SSL versions are insecure and we > kno

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Dan Lukes
On 12.9.2021 23:27, Gordon Tetlow via freebsd-security wrote: Blaming the browser and other client providers (OpenSSH, etc) for a problem that is 100% because the devices are now abandoned by the manufacturer is the wrong place to focus your anger. We have an enormous problem in the industry of

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Tomasz CEDRO
On Mon, Sep 13, 2021 at 12:11 AM Dan Lukes wrote: > On 12.9.2021 23:27, Gordon Tetlow via freebsd-security wrote: > > Blaming the browser and other client providers (OpenSSH, etc) for a > > problem that is 100% because the devices are now abandoned by the > > manufacturer is the wrong place to focu

Re: Important note for future FreeBSD base system OpenSSH update

2021-09-12 Thread Dave Cottlehuber
> > > Blaming the browser and other client providers (OpenSSH, etc) for a > > > problem that is 100% because the devices are now abandoned by the > > > manufacturer is the wrong place to focus your anger. We have an > > > enormous problem in the industry of crappy embedded devices (like the Obvi