[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Removing DSS and other unreasonable algorithms (Was: Missing signed-off for pkg chacha20 patches)
[Thread Prev] | [Thread Next]
- Subject: Re: Removing DSS and other unreasonable algorithms (Was: Missing signed-off for pkg chacha20 patches)
- From: Andreas Schneider <asn@xxxxxxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Wed, 20 Jun 2018 15:12:10 +0200
- To: libssh@xxxxxxxxxx
On Tuesday, 19 June 2018 16:35:49 CEST Jakub Jelen wrote: > On Thu, 2018-06-14 at 16:03 +0200, Andreas Schneider wrote: > > [...] > > > > Looks like openssh removed support for ssh-dss. At least my openssh > > 7.7 > > doesn't know about it at all. > > The OpenSSH 7.7p1 still has the support for ssh-dss keys, but they are > disabled by default for any use, unless you enable them using > PubkeyAcceptedKeyTypes and friend configuration options. The reason why > it is still there is probably because the DSA keys are mandatory part > (REQUIRED) of RFC4253 (Section 6.6). > > > I would remove it from libssh after the release of 0.8 together with > > SSHv1 > > support. > > > > I think we can remove it from pkd already? Comments? > > Removing the ancient SSHv1, blowfish and other unreasonable algorithms > makes sense for me. SSHv1 will be removed, the algorithms will not be compiled in by default but still available. This should not affect connecting to RHEL5 as it support and uses rsa keys by default. Andreas -- Andreas Schneider GPG-ID: CC014E3D www.cryptomilk.org asn@xxxxxxxxxxxxxx
| Re: Removing DSS and other unreasonable algorithms (Was: Missing signed-off for pkg chacha20 patches) | Tilo Eckert <tilo.eckert@xxxxxxx> |
| Missing signed-off for pkg chacha20 patches | Andreas Schneider <asn@xxxxxxxxxxxxxx> |
| Re: Missing signed-off for pkg chacha20 patches | Andreas Schneider <asn@xxxxxxxxxxxxxx> |
| Removing DSS and other unreasonable algorithms (Was: Missing signed-off for pkg chacha20 patches) | Jakub Jelen <jjelen@xxxxxxxxxx> |