Date: Fri, 27 Sep 2024 00:25:36 +0200 From: Christian Weisgerber <naddy@mips.inka.de> To: Colin Percival <cperciva@tarsnap.com> Cc: Xin LI <delphij@gmail.com>, Dag-Erling =?iso-8859-1?Q?Sm=F8rgrav?= <des@freebsd.org>, Shawn Webb <shawn.webb@hardenedbsd.org>, freebsd-arch@freebsd.org, Li-Wen Hsu <lwhsu@freebsd.org>, Ronald Klop <ronald@freebsd.org> Subject: Re: Deprecating RSA ssh host keys in 16 Message-ID: <ZvXfYNumk62-o9OH@lorvorc.mips.inka.de> In-Reply-To: <010001922aec1a6b-133cecdd-1d83-43eb-aa46-a0eb25252ccd-000000@email.amazonses.com> References: <0100019225563885-e7f0aed8-cff8-4247-8bcd-861aed3e5cc7-000000@email.amazonses.com> <wzyhp2k7fyvg6qxrkrs32uweiuijpv7f6sjjt2yuonob7py3gj@7f7xdqj72erk> <0100019229c3e0d7-fd2e827b-6647-41a1-bc89-39367954f98c-000000@email.amazonses.com> <868qvfy7bt.fsf@ltc.des.dev> <CAGMYy3tzguXxQ_58YjOMju7xwUS=msLmW8_DajyfpnUatsq1=Q@mail.gmail.com> <010001922aec1a6b-133cecdd-1d83-43eb-aa46-a0eb25252ccd-000000@email.amazonses.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Colin Percival: > DSA host key generation was disabled in af8ee1391d08c (August 2016). If you > have DSA host keys I think they will get used, but we don't generate them by > default now. And that's going away, too. Starting with OpenSSH 9.8, DSA support is no longer compiled in by default, and "removing DSA support entirely is planned for the first OpenSSH release of 2025". -- Christian "naddy" Weisgerber naddy@mips.inka.de
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ZvXfYNumk62-o9OH>