From owner-freebsd-security@freebsd.org Wed Feb 1 13:35:17 2017 Return-Path: Delivered-To: freebsd-security@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 42AE5CC2AE6 for ; Wed, 1 Feb 2017 13:35:17 +0000 (UTC) (envelope-from marquis@roble.com) Received: from mx5.roble.com (mx5.roble.com [206.40.34.5]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mx5.roble.com", Issuer "mx5.roble.com" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 3682331 for ; Wed, 1 Feb 2017 13:35:16 +0000 (UTC) (envelope-from marquis@roble.com) Received: from roble.com (roble.com [206.40.34.50]) by mx5.roble.com (Postfix) with ESMTP id 126272E980 for ; Wed, 1 Feb 2017 05:31:28 -0800 (PST) Date: Wed, 1 Feb 2017 05:31:28 -0800 (PST) From: Roger Marquis To: freebsd-security@freebsd.org Subject: Re: fbsd11 & sshv1 In-Reply-To: <20170131121248.GC74900@chujemuje> Message-ID: <1702010520560.39428@mx5.roble.com> References: <20170131121248.GC74900@chujemuje> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 01 Feb 2017 13:35:17 -0000 > I believe FreeBSD should just have a slave port with OpenSSH 7.4, used only > for SSHv1. People using such port should know the consequences of it. This could be a good candidate for a new ports category, /usr/ports/legacy If implemented there is a lot of code, in both ports and base, that should be relocated. (telnet, rsh/rlogin/rcp/..., nis/yp, rpc.*, cvs, games, ppp, sendmail, finger, ...) Roger