Date: Tue, 8 Oct 2024 00:36:45 +0000 From: Colin Percival <cperciva@tarsnap.com> To: Ed Maste <emaste@freebsd.org> Cc: freebsd-arch@freebsd.org, Li-Wen Hsu <lwhsu@freebsd.org>, Ronald Klop <ronald@freebsd.org> Subject: Re: Deprecating RSA ssh host keys in 16 Message-ID: <01000192698e97f0-0a1a42b2-41cb-4cd6-bd65-93a6b8dbf6fd-000000@email.amazonses.com> In-Reply-To: <CAPyFy2BC-r2bhSB4W84hJm4=wur5zrbD1emz8nHLcNMTcZ%2BrGg@mail.gmail.com> References: <0100019225563885-e7f0aed8-cff8-4247-8bcd-861aed3e5cc7-000000@email.amazonses.com> <CAPyFy2DgNNfrL-qPYSjeoyo7LErVU9AAhfc7EkFZiQp6Ykhq%2BQ@mail.gmail.com> <010001923494fd7e-4bc86dba-6c22-4367-b76d-de1799f18f80-000000@email.amazonses.com> <CAPyFy2BC-r2bhSB4W84hJm4=wur5zrbD1emz8nHLcNMTcZ%2BrGg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 10/7/24 10:39, Ed Maste wrote: > On Fri, 27 Sept 2024 at 13:43, Colin Percival <cperciva@tarsnap.com> wrote: >> Wearing my EC2 maintainer hat: *In cloud environments* this is important >> enough to diverge from normal practice; but the first-boot-key-generation >> time is not relevant outside of clouds. > > We should probably make the same change to GCE, Azure, and Oracle > cloud images too, no? Probably yes. I was waiting a few weeks to make sure this didn't cause any problems in EC2 before I suggested making the change elsewhere. (Also, I have a policy of not touching non-EC2 cloud code simply because I have lots of Amazon NDAs and don't want to accidentally leak something. But there are other developers who can make this change.) Colin Percival
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01000192698e97f0-0a1a42b2-41cb-4cd6-bd65-93a6b8dbf6fd-000000>