* [PATCH] openssh: drop sshd support for DSA host keys @ 2018-05-25 22:07 Andre McCurdy 2018-06-04 19:18 ` Andre McCurdy 0 siblings, 1 reply; 4+ messages in thread From: Andre McCurdy @ 2018-05-25 22:07 UTC (permalink / raw) To: openembedded-core DSA keys have been deprecated for some time: https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html Signed-off-by: Andre McCurdy <armccurdy@gmail.com> --- meta/recipes-connectivity/openssh/openssh/sshd_check_keys | 8 -------- meta/recipes-connectivity/openssh/openssh/sshd_config | 1 - meta/recipes-connectivity/openssh/openssh_7.6p1.bb | 1 - 3 files changed, 10 deletions(-) diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys index 5463b1a..be2e2ec 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys @@ -60,9 +60,6 @@ done HOST_KEY_RSA=$(grep ^HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$(grep HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key -HOST_KEY_DSA=$(grep ^HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$(grep HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key HOST_KEY_ECDSA=$(grep ^HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$(grep HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key @@ -79,12 +76,7 @@ if [ ! -f $HOST_KEY_ECDSA ]; then echo " generating ssh ECDSA key..." generate_key $HOST_KEY_ECDSA ecdsa fi -if [ ! -f $HOST_KEY_DSA ]; then - echo " generating ssh DSA key..." - generate_key $HOST_KEY_DSA dsa -fi if [ ! -f $HOST_KEY_ED25519 ]; then echo " generating ssh ED25519 key..." generate_key $HOST_KEY_ED25519 ed25519 fi - diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config index 31fe5d9..b7c3ccd 100644 --- a/meta/recipes-connectivity/openssh/openssh/sshd_config +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config @@ -22,7 +22,6 @@ Protocol 2 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_rsa_key -#HostKey /etc/ssh/ssh_host_dsa_key #HostKey /etc/ssh/ssh_host_ecdsa_key #HostKey /etc/ssh/ssh_host_ed25519_key diff --git a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb index e11e8d7..a527a7c 100644 --- a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb +++ b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb @@ -110,7 +110,6 @@ do_install_append () { install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly - echo "HostKey /var/run/ssh/ssh_host_dsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly -- 1.9.1 ^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: drop sshd support for DSA host keys 2018-05-25 22:07 [PATCH] openssh: drop sshd support for DSA host keys Andre McCurdy @ 2018-06-04 19:18 ` Andre McCurdy 2018-06-04 22:25 ` Mark Hatle 0 siblings, 1 reply; 4+ messages in thread From: Andre McCurdy @ 2018-06-04 19:18 UTC (permalink / raw) To: OE Core mailing list On Fri, May 25, 2018 at 3:07 PM, Andre McCurdy <armccurdy@gmail.com> wrote: > DSA keys have been deprecated for some time: > > https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html Ping. Any issues with this? > Signed-off-by: Andre McCurdy <armccurdy@gmail.com> > --- > meta/recipes-connectivity/openssh/openssh/sshd_check_keys | 8 -------- > meta/recipes-connectivity/openssh/openssh/sshd_config | 1 - > meta/recipes-connectivity/openssh/openssh_7.6p1.bb | 1 - > 3 files changed, 10 deletions(-) > > diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys > index 5463b1a..be2e2ec 100644 > --- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys > +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys > @@ -60,9 +60,6 @@ done > HOST_KEY_RSA=$(grep ^HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') > [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$(grep HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') > [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key > -HOST_KEY_DSA=$(grep ^HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') > -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$(grep HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') > -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key > HOST_KEY_ECDSA=$(grep ^HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') > [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$(grep HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') > [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key > @@ -79,12 +76,7 @@ if [ ! -f $HOST_KEY_ECDSA ]; then > echo " generating ssh ECDSA key..." > generate_key $HOST_KEY_ECDSA ecdsa > fi > -if [ ! -f $HOST_KEY_DSA ]; then > - echo " generating ssh DSA key..." > - generate_key $HOST_KEY_DSA dsa > -fi > if [ ! -f $HOST_KEY_ED25519 ]; then > echo " generating ssh ED25519 key..." > generate_key $HOST_KEY_ED25519 ed25519 > fi > - > diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config > index 31fe5d9..b7c3ccd 100644 > --- a/meta/recipes-connectivity/openssh/openssh/sshd_config > +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config > @@ -22,7 +22,6 @@ Protocol 2 > #HostKey /etc/ssh/ssh_host_key > # HostKeys for protocol version 2 > #HostKey /etc/ssh/ssh_host_rsa_key > -#HostKey /etc/ssh/ssh_host_dsa_key > #HostKey /etc/ssh/ssh_host_ecdsa_key > #HostKey /etc/ssh/ssh_host_ed25519_key > > diff --git a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb > index e11e8d7..a527a7c 100644 > --- a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb > +++ b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb > @@ -110,7 +110,6 @@ do_install_append () { > install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly > sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly > echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly > - echo "HostKey /var/run/ssh/ssh_host_dsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly > echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly > echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly > > -- > 1.9.1 > ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: drop sshd support for DSA host keys 2018-06-04 19:18 ` Andre McCurdy @ 2018-06-04 22:25 ` Mark Hatle 2018-06-04 23:22 ` Andre McCurdy 0 siblings, 1 reply; 4+ messages in thread From: Mark Hatle @ 2018-06-04 22:25 UTC (permalink / raw) To: Andre McCurdy, OE Core mailing list On 6/4/18 2:18 PM, Andre McCurdy wrote: > On Fri, May 25, 2018 at 3:07 PM, Andre McCurdy <armccurdy@gmail.com> wrote: >> DSA keys have been deprecated for some time: >> >> https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html > > Ping. > > Any issues with this? At Wind River we have a series of patches to disable weak-ciphers. We had globally disabled them a while back and found that a number of applications and customers still were using them for various things. Even though they were 'weak', they were still needed. See: https://github.com/WindRiver-OpenSourceLabs/wrlinux/tree/master-wr/wrlinux-distro/recipes-weak-ciphers If this work is something that should be submitted to oe-core/meta-openembedded and would be a candidate for merging, I'm all for it. My suggestion though would be to reverse the checks we have.. instead of a distro feature of 'openssl-no-weak-ciphers', make it 'allow-weak-ciphers', and disable them by default. A few things like Kerberos, freeradius and others require weak ciphers for some functions. So the corresponding patches for those would need to be developed. If this is something we want to do, then the OpenSSH change below could be switched into a PACKAGECONFIG option, and still allow people to define an insecure system -- if they need to... --Mark >> Signed-off-by: Andre McCurdy <armccurdy@gmail.com> >> --- >> meta/recipes-connectivity/openssh/openssh/sshd_check_keys | 8 -------- >> meta/recipes-connectivity/openssh/openssh/sshd_config | 1 - >> meta/recipes-connectivity/openssh/openssh_7.6p1.bb | 1 - >> 3 files changed, 10 deletions(-) >> >> diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys >> index 5463b1a..be2e2ec 100644 >> --- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys >> +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys >> @@ -60,9 +60,6 @@ done >> HOST_KEY_RSA=$(grep ^HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') >> [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$(grep HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') >> [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key >> -HOST_KEY_DSA=$(grep ^HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') >> -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$(grep HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') >> -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key >> HOST_KEY_ECDSA=$(grep ^HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') >> [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$(grep HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') >> [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key >> @@ -79,12 +76,7 @@ if [ ! -f $HOST_KEY_ECDSA ]; then >> echo " generating ssh ECDSA key..." >> generate_key $HOST_KEY_ECDSA ecdsa >> fi >> -if [ ! -f $HOST_KEY_DSA ]; then >> - echo " generating ssh DSA key..." >> - generate_key $HOST_KEY_DSA dsa >> -fi >> if [ ! -f $HOST_KEY_ED25519 ]; then >> echo " generating ssh ED25519 key..." >> generate_key $HOST_KEY_ED25519 ed25519 >> fi >> - >> diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config >> index 31fe5d9..b7c3ccd 100644 >> --- a/meta/recipes-connectivity/openssh/openssh/sshd_config >> +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config >> @@ -22,7 +22,6 @@ Protocol 2 >> #HostKey /etc/ssh/ssh_host_key >> # HostKeys for protocol version 2 >> #HostKey /etc/ssh/ssh_host_rsa_key >> -#HostKey /etc/ssh/ssh_host_dsa_key >> #HostKey /etc/ssh/ssh_host_ecdsa_key >> #HostKey /etc/ssh/ssh_host_ed25519_key >> >> diff --git a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb >> index e11e8d7..a527a7c 100644 >> --- a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb >> +++ b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb >> @@ -110,7 +110,6 @@ do_install_append () { >> install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly >> sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly >> echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >> - echo "HostKey /var/run/ssh/ssh_host_dsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >> echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >> echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >> >> -- >> 1.9.1 >> ^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] openssh: drop sshd support for DSA host keys 2018-06-04 22:25 ` Mark Hatle @ 2018-06-04 23:22 ` Andre McCurdy 0 siblings, 0 replies; 4+ messages in thread From: Andre McCurdy @ 2018-06-04 23:22 UTC (permalink / raw) To: Mark Hatle; +Cc: OE Core mailing list On Mon, Jun 4, 2018 at 3:25 PM, Mark Hatle <mark.hatle@windriver.com> wrote: > On 6/4/18 2:18 PM, Andre McCurdy wrote: >> On Fri, May 25, 2018 at 3:07 PM, Andre McCurdy <armccurdy@gmail.com> wrote: >>> DSA keys have been deprecated for some time: >>> >>> https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html >> >> Ping. >> >> Any issues with this? > > At Wind River we have a series of patches to disable weak-ciphers. We had > globally disabled them a while back and found that a number of applications and > customers still were using them for various things. > > Even though they were 'weak', they were still needed. > > See: > > https://github.com/WindRiver-OpenSourceLabs/wrlinux/tree/master-wr/wrlinux-distro/recipes-weak-ciphers Disabling weak ciphers in openssl and then fixing the fallout in *everything* that links with openssl is quite a different and more ambitious undertaking. For ssh host key formats, the only requirement is that host and client agree on at least one common format. RSA is the most common and well established so as long as we don't disable that, disabling support for less common or less secure formats is unlikely to cause any issues. Currently for the dropbear ssh server we ONLY enable RSA host keys and that seems to be working out fine. Having our openssh server drop support for DSA host keys seems like the right thing to do given potential security concerns and the fact that modern ssh clients (e.g. openssh after 7.0p1 from 2015) don't support them any more. > If this work is something that should be submitted to oe-core/meta-openembedded > and would be a candidate for merging, I'm all for it. > > My suggestion though would be to reverse the checks we have.. instead of a > distro feature of 'openssl-no-weak-ciphers', make it 'allow-weak-ciphers', and > disable them by default. > > A few things like Kerberos, freeradius and others require weak ciphers for some > functions. So the corresponding patches for those would need to be developed. > > If this is something we want to do, then the OpenSSH change below could be > switched into a PACKAGECONFIG option, and still allow people to define an > insecure system -- if they need to... > > --Mark > >>> Signed-off-by: Andre McCurdy <armccurdy@gmail.com> >>> --- >>> meta/recipes-connectivity/openssh/openssh/sshd_check_keys | 8 -------- >>> meta/recipes-connectivity/openssh/openssh/sshd_config | 1 - >>> meta/recipes-connectivity/openssh/openssh_7.6p1.bb | 1 - >>> 3 files changed, 10 deletions(-) >>> >>> diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys >>> index 5463b1a..be2e2ec 100644 >>> --- a/meta/recipes-connectivity/openssh/openssh/sshd_check_keys >>> +++ b/meta/recipes-connectivity/openssh/openssh/sshd_check_keys >>> @@ -60,9 +60,6 @@ done >>> HOST_KEY_RSA=$(grep ^HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') >>> [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$(grep HostKey "${sshd_config}" | grep _rsa_ | tail -1 | awk ' { print $2 } ') >>> [ -z "${HOST_KEY_RSA}" ] && HOST_KEY_RSA=$SYSCONFDIR/ssh_host_rsa_key >>> -HOST_KEY_DSA=$(grep ^HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') >>> -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$(grep HostKey "${sshd_config}" | grep _dsa_ | tail -1 | awk ' { print $2 } ') >>> -[ -z "${HOST_KEY_DSA}" ] && HOST_KEY_DSA=$SYSCONFDIR/ssh_host_dsa_key >>> HOST_KEY_ECDSA=$(grep ^HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') >>> [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$(grep HostKey "${sshd_config}" | grep _ecdsa_ | tail -1 | awk ' { print $2 } ') >>> [ -z "${HOST_KEY_ECDSA}" ] && HOST_KEY_ECDSA=$SYSCONFDIR/ssh_host_ecdsa_key >>> @@ -79,12 +76,7 @@ if [ ! -f $HOST_KEY_ECDSA ]; then >>> echo " generating ssh ECDSA key..." >>> generate_key $HOST_KEY_ECDSA ecdsa >>> fi >>> -if [ ! -f $HOST_KEY_DSA ]; then >>> - echo " generating ssh DSA key..." >>> - generate_key $HOST_KEY_DSA dsa >>> -fi >>> if [ ! -f $HOST_KEY_ED25519 ]; then >>> echo " generating ssh ED25519 key..." >>> generate_key $HOST_KEY_ED25519 ed25519 >>> fi >>> - >>> diff --git a/meta/recipes-connectivity/openssh/openssh/sshd_config b/meta/recipes-connectivity/openssh/openssh/sshd_config >>> index 31fe5d9..b7c3ccd 100644 >>> --- a/meta/recipes-connectivity/openssh/openssh/sshd_config >>> +++ b/meta/recipes-connectivity/openssh/openssh/sshd_config >>> @@ -22,7 +22,6 @@ Protocol 2 >>> #HostKey /etc/ssh/ssh_host_key >>> # HostKeys for protocol version 2 >>> #HostKey /etc/ssh/ssh_host_rsa_key >>> -#HostKey /etc/ssh/ssh_host_dsa_key >>> #HostKey /etc/ssh/ssh_host_ecdsa_key >>> #HostKey /etc/ssh/ssh_host_ed25519_key >>> >>> diff --git a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb >>> index e11e8d7..a527a7c 100644 >>> --- a/meta/recipes-connectivity/openssh/openssh_7.6p1.bb >>> +++ b/meta/recipes-connectivity/openssh/openssh_7.6p1.bb >>> @@ -110,7 +110,6 @@ do_install_append () { >>> install -m 644 ${D}${sysconfdir}/ssh/sshd_config ${D}${sysconfdir}/ssh/sshd_config_readonly >>> sed -i '/HostKey/d' ${D}${sysconfdir}/ssh/sshd_config_readonly >>> echo "HostKey /var/run/ssh/ssh_host_rsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >>> - echo "HostKey /var/run/ssh/ssh_host_dsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >>> echo "HostKey /var/run/ssh/ssh_host_ecdsa_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >>> echo "HostKey /var/run/ssh/ssh_host_ed25519_key" >> ${D}${sysconfdir}/ssh/sshd_config_readonly >>> >>> -- >>> 1.9.1 >>> > ^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2018-06-04 23:22 UTC | newest] Thread overview: 4+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2018-05-25 22:07 [PATCH] openssh: drop sshd support for DSA host keys Andre McCurdy 2018-06-04 19:18 ` Andre McCurdy 2018-06-04 22:25 ` Mark Hatle 2018-06-04 23:22 ` Andre McCurdy
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox