From owner-svn-src-head@freebsd.org  Sun Aug  7 23:33:21 2016
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1DCE6BB02E3
 for <svn-src-head@mailman.ysv.freebsd.org>;
 Sun,  7 Aug 2016 23:33:21 +0000 (UTC)
 (envelope-from mailing-machine@vniz.net)
Received: from mail-lf0-f41.google.com (mail-lf0-f41.google.com
 [209.85.215.41])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 880731600
 for <svn-src-head@freebsd.org>; Sun,  7 Aug 2016 23:33:20 +0000 (UTC)
 (envelope-from mailing-machine@vniz.net)
Received: by mail-lf0-f41.google.com with SMTP id l69so235917725lfg.1
 for <svn-src-head@freebsd.org>; Sun, 07 Aug 2016 16:33:19 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:subject:to:references:cc:from:message-id:date
 :user-agent:mime-version:in-reply-to;
 bh=AZ5PXyT1p63jShgDtmKkraWmoj2xPwBDY0VbjhQYKVo=;
 b=jXCzAo7fGjVM2whZx2yEQdGqvctqHfzyz3huCMhWuoKcQnq622gz/kY2ljdh9WVwXV
 TBiNSs1NqdyTpUf0kXYosn/ZkRDsbsg2/JY/2ko3Uj31RaNvHYMF2BXO/BjOO8QaTEuY
 YXvloY1uCcGLvJKgQ01fsPDSkvhPm8MiyFNoLHMQybYKB6VTT7aAmiWaGcgF+kduq7us
 FiYcPJz4Lcar/O1a0yJcrfAsB3R1912faVfjyHk+3HhnVCpRd8/vbY7q/dfQdDKZmzsg
 g6p6OOaTHp+bZiYeo4/G3qr+P5GlrI0JanRlYM+rM5L6ehDB7c0JafYCjNnI7U/vui1x
 cKXA==
X-Gm-Message-State: AEkoouu2ZvSD9Tm3TyNuZwEMEL62BusQEyfJ/Lgf+WwgImPUVqL7zJn4CJ68HQz/3WGb6A==
X-Received: by 10.25.27.70 with SMTP id b67mr23254245lfb.218.1470612798026;
 Sun, 07 Aug 2016 16:33:18 -0700 (PDT)
Received: from [192.168.1.2] ([89.169.173.68])
 by smtp.gmail.com with ESMTPSA id f40sm5218385lji.46.2016.08.07.16.33.16
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Sun, 07 Aug 2016 16:33:17 -0700 (PDT)
Subject: Re: svn commit: r303716 - head/crypto/openssh
To: Xin Li <delphij@delphij.net>, Warner Losh <wlosh@bsdimp.com>
References: <201608031608.u73G8Mjq055909@repo.freebsd.org>
 <d419bddd-fe56-bc11-8965-142ca0b94ebc@fastmail.net>
 <9a01870a-d99d-13a2-54bd-01d32616263c@fastmail.net>
 <CAPQ4fftQ30_aqU8V_ea-WEKBdMZs5H9Rwxnfa0crid_df049nQ@mail.gmail.com>
 <b99c06ac-82d6-ccda-419c-2ece5be4636f@fastmail.net>
 <30e655d1-1df7-5e2a-fccb-269e3cea4684@freebsd.org>
 <20160807204039.GB79784@server.rulingia.com>
 <ab58ed22-7dd1-7b8d-fcc5-71def5936901@freebsd.org>
 <8371434C-86F6-4DCB-82D4-F236BBC2F9A2@bsdimp.com>
 <226b9a3c-8ca8-af31-7665-86d51365fc81@delphij.net>
 <dfe6ae36-c740-22e5-88cd-5396ea9d2960@freebsd.org>
Cc: d@delphij.net, Peter Jeremy <peter@rulingia.com>,
 Bruce Simpson <bms@fastmail.net>,
 Oliver Pinter <oliver.pinter@hardenedbsd.org>,
 =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= <des@freebsd.org>,
 src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org, FreeBSD Security Team <secteam@freebsd.org>,
 FreeBSD Release Engineering Team <re@freebsd.org>
From: Andrey Chernov <ache@freebsd.org>
Message-ID: <3aad1c34-03a0-b97e-bb95-2bcbb5df2f9e@freebsd.org>
Date: Mon, 8 Aug 2016 02:33:16 +0300
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <dfe6ae36-c740-22e5-88cd-5396ea9d2960@freebsd.org>
Content-Type: multipart/signed; micalg=pgp-sha256;
 protocol="application/pgp-signature";
 boundary="hsFCEF5sKEnE0XlvMjMk68AlXd5sdtLag"
X-Mailman-Approved-At: Mon, 08 Aug 2016 05:05:45 +0000
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Aug 2016 23:33:21 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--hsFCEF5sKEnE0XlvMjMk68AlXd5sdtLag
Content-Type: multipart/mixed; boundary="n39Qpeuhu73MSasssDFSvkxCPpwEXot48"
From: Andrey Chernov <ache@freebsd.org>
To: Xin Li <delphij@delphij.net>, Warner Losh <wlosh@bsdimp.com>
Cc: d@delphij.net, Peter Jeremy <peter@rulingia.com>,
 Bruce Simpson <bms@fastmail.net>,
 Oliver Pinter <oliver.pinter@hardenedbsd.org>,
 =?UTF-8?Q?Dag-Erling_Sm=c3=b8rgrav?= <des@freebsd.org>,
 src-committers <src-committers@freebsd.org>, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org, FreeBSD Security Team <secteam@freebsd.org>,
 FreeBSD Release Engineering Team <re@freebsd.org>
Message-ID: <3aad1c34-03a0-b97e-bb95-2bcbb5df2f9e@freebsd.org>
Subject: Re: svn commit: r303716 - head/crypto/openssh
References: <201608031608.u73G8Mjq055909@repo.freebsd.org>
 <d419bddd-fe56-bc11-8965-142ca0b94ebc@fastmail.net>
 <9a01870a-d99d-13a2-54bd-01d32616263c@fastmail.net>
 <CAPQ4fftQ30_aqU8V_ea-WEKBdMZs5H9Rwxnfa0crid_df049nQ@mail.gmail.com>
 <b99c06ac-82d6-ccda-419c-2ece5be4636f@fastmail.net>
 <30e655d1-1df7-5e2a-fccb-269e3cea4684@freebsd.org>
 <20160807204039.GB79784@server.rulingia.com>
 <ab58ed22-7dd1-7b8d-fcc5-71def5936901@freebsd.org>
 <8371434C-86F6-4DCB-82D4-F236BBC2F9A2@bsdimp.com>
 <226b9a3c-8ca8-af31-7665-86d51365fc81@delphij.net>
 <dfe6ae36-c740-22e5-88cd-5396ea9d2960@freebsd.org>
In-Reply-To: <dfe6ae36-c740-22e5-88cd-5396ea9d2960@freebsd.org>

--n39Qpeuhu73MSasssDFSvkxCPpwEXot48
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable

On 08.08.2016 2:01, Andrey Chernov wrote:
> On 08.08.2016 1:48, Xin Li wrote:
>> Well, despite the fact that I have to admit that I get locked out from=

>> my own storage box too, however (even without wearing any hat) I am fo=
r
>> the change and would blame myself for being lazy in adopting the chang=
e
>> when the upstream have announced it earlier about a year ago.
>>
>> Compatibility with legacy software/hardware, sure, but if we don't sto=
p
>> at some point, it would be like SSL 2.0 which people have pointed out
>> several flaws in 1995 and take 16 years to get deprecated and still bi=
te
>> people in 2014.
>>
>> We should do something like what OpenSSH have done by creating a page
>> describing the motivation, the impact, the temporary but discouraged
>> workaround, etc., and mention it in the release notes to prevent peopl=
e
>> from being bite.
>=20
> I agree. I am not seeking hardly, stopping after first solution, but at=

> least one workaround found: using security/putty port. It still support=
s
> all obsoleted stuff. One disadvantage: in terminal mode it requires X11=
=2E

Forgot to mention: openssh keys must be converted to putty keys format
first using puttygen.



--n39Qpeuhu73MSasssDFSvkxCPpwEXot48--

--hsFCEF5sKEnE0XlvMjMk68AlXd5sdtLag
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQEcBAEBCAAGBQJXp8U8AAoJEKUckv0MjfbKoZwH/RUDS43FOLZDwZfr9IXEa7Ou
cU1hysI/Z+9+nOL3RqKQvR1E1iQFWX9k1Qz41kHdq3Yqhtgj+VKy5VAZht8Trmte
3tABAfv3A6pQ/7zHE9H6cmU5ODpZeSSnV2dT72+hWUdRsxIQoBHr1RRwE7Wnwt85
vtNW4bjKJqrIG556o85KTtu2Uc53XUgATinEeQNPxwh01Yyi2xMPlk2oKFIgrsPI
31wIY1IU40MtHM6Ae4ajkJpNO1rAZU3EZmlf0WrHKOqUE/x7u+AOZXKSunHc3LFa
9uLsu3DGFXR0TItamWyGAEZ8SM4i1a8LdP5dyktcYsSv91MgcZ7f1ygeKwxkGsM=
=d9l6
-----END PGP SIGNATURE-----

--hsFCEF5sKEnE0XlvMjMk68AlXd5sdtLag--