On Thu, Jan 21, 2016 at 3:10 AM, Dag-Erling Smørgrav <d...@freebsd.org> wrote: > Author: des > Date: Thu Jan 21 11:10:14 2016 > New Revision: 294495 > URL: https://svnweb.freebsd.org/changeset/base/294495 > > Log: > Enable DSA keys by default. They were disabled in OpenSSH 6.9p1.
Are we going to maintain DSA key support after upstream deprecates it entirely? And why? """ Future Deprecation Notice ========================= The 7.0 release of OpenSSH, due for release in late July, will deprecate several features, some of which may affect compatibility or existing configurations. The intended changes are as follows: ... * Support for ssh-dss, ssh-dss-cert-* host and user keys will be run-time disabled by default. """ http://www.openssh.com/txt/release-6.9 "OpenSSH 7.0 and greater similarly disables the ssh-dss (DSA) public key algorithm. It too is weak and we recommend against its use." http://www.openssh.com/legacy.html Best, Conrad _______________________________________________ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
