From owner-freebsd-security@freebsd.org  Tue Jan 31 12:13:03 2017
Return-Path: <owner-freebsd-security@freebsd.org>
Delivered-To: freebsd-security@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id D321ECC9984
 for <freebsd-security@mailman.ysv.freebsd.org>;
 Tue, 31 Jan 2017 12:13:03 +0000 (UTC)
 (envelope-from pkubaj@anongoth.pl)
Received: from mail.anongoth.pl (anongoth.pl [88.156.79.165])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "anongoth.pl", Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 8BCE81571
 for <freebsd-security@freebsd.org>; Tue, 31 Jan 2017 12:13:02 +0000 (UTC)
 (envelope-from pkubaj@anongoth.pl)
Received: from mail.anongoth.pl (localhost [127.0.1.10])
 by mail.anongoth.pl (Postfix) with ESMTP id D90081FEE2
 for <freebsd-security@freebsd.org>; Tue, 31 Jan 2017 13:12:52 +0100 (CET)
X-Virus-Scanned: amavisd-new at anongoth.pl
Received: from mail.anongoth.pl ([127.0.1.10])
 by mail.anongoth.pl (anongoth.pl [127.0.1.10]) (amavisd-new, port 10024)
 with LMTP id 29PNFndsdRDg for <freebsd-security@freebsd.org>;
 Tue, 31 Jan 2017 13:12:49 +0100 (CET)
Received: from anongoth.pl (unknown [46.248.161.165])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 (Authenticated sender: pkubaj@anongoth.pl)
 by mail.anongoth.pl (Postfix) with ESMTPSA id 5ACCA1FED3
 for <freebsd-security@freebsd.org>; Tue, 31 Jan 2017 13:12:49 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=anongoth.pl;
 s=ANONGOTH; t=1485864769;
 bh=yEdKxYas30K78omwJf3/EvBYwmpy9lQ2XMn5mI+DZIo=;
 h=Date:From:To:Subject:References:In-Reply-To;
 b=bpBIGrxXTAcqQh2oPZ4pw6yN1hPjsSa7rcQfMdkvDWYsmy99QBO4wwQqzZ0bW6nSv
 2OpPAYdcOzCC2nyuJ954YSv7FNjVeNTKOZHVWseVAA8yq6gjfsLlS4O4YQnlE+NkVR
 J9Jd7fHNrkQLmF16QxziHg5dtuelXF1d4rkdbSnAWoUTsrTltKLdY95PvhWOMjXwlT
 pGY9H8GVIBTUSCftb/XM02h59GfDO32AIcV2mOSv9G20dbnbqZzDAut7BXYqkmyvLm
 DGxTT0NIC7TBPKqpl2XDmcIz6mArGPD2Pm1AijEjpl8gJrJd01AS541Uh/O2L7AhbR
 6VsNyy+4Pg7gw==
Date: Tue, 31 Jan 2017 13:12:48 +0100
From: Piotr Kubaj <pkubaj@anongoth.pl>
To: freebsd-security@freebsd.org
Subject: Re: fbsd11 & sshv1
Message-ID: <20170131121248.GC74900@chujemuje>
Mail-Followup-To: freebsd-security@freebsd.org
References: <mailman.55.1485864001.36850.freebsd-security@freebsd.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
 protocol="application/pgp-signature"; boundary="EuxKj2iCbKjpUGkD"
Content-Disposition: inline
In-Reply-To: <mailman.55.1485864001.36850.freebsd-security@freebsd.org>
User-Agent: Mutt/1.7.2 (2016-11-26)
X-Mailman-Approved-At: Tue, 31 Jan 2017 13:25:12 +0000
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: "Security issues \[members-only posting\]"
 <freebsd-security.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security/>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
 <mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 31 Jan 2017 12:13:03 -0000


--EuxKj2iCbKjpUGkD
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline

I believe FreeBSD should just have a slave port with OpenSSH 7.4, used only for SSHv1. People using such port should know the consequences of it.

Debian does it too with https://packages.debian.org/stretch/openssh-client-ssh1

--EuxKj2iCbKjpUGkD
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEycyIeNkkgohzsoorelmbhSCDnJ0FAliQf0AACgkQelmbhSCD
nJ2WRw/+O20z9mciHBsqCRaUGS0VM2u5IK0GpPQ8pdD18ddLUaZQnJ72MMtzXoTU
ChlEnYfi9k/4zdpi5xGkmDh74liW5desitaM8mkGVjduXHIifRIhiwXAB84bYclR
/mNkO8pX9H3QQOzdCG5Gw4hqX/GXoCLwd80KBGlhZExjjqBXuklOmH50G4PPfJFa
dpt5CHOI487eI6wWFz+Y9to+BEg1hqlBqKUjCv2ooVgKJj+9Sq1Y36KGF/aCZI5k
l2dy/Ecdx+34WBV+bwb9kTI043mCiZ3x6UwgMKa1AkoSWX2DKuenpL1sRTwBqMQj
nmabzFl/WrEOZ/tGd4DRlwIaefvvTAUV+jG2YDn8b/pYzBZd0DnSUkiOdkrO5pJE
vOhBfScNNMsoZkwShpWQ6yRTx1JK/p8obygOZkf4q38lwsFS4WXQF9xN9F6Ck9Ok
EKk0GYFkS+1LYD16RYp9BAQoWwtsuF8kovE708OeUXjMdTMMjuX5BW/fxKJRgWTd
SeH5lfa2HWsfuNsaPrwFBJu07rJB9Mqa71161k+cfzKRyr+15UAtaflw1Jf0I+t8
h8CqF2dyPDS9Xf2EAQERF7twuOsZd2JFjTXwBUypy0c/RmsQdsVEIdcqsl4yPkN1
oWa1frBFbeExUW1O3okESQ+p9OrJVn6YXMhBbOLucoYnvV7Ja/Q=
=9HGS
-----END PGP SIGNATURE-----

--EuxKj2iCbKjpUGkD--