Hello Colin, Hello Seth,
Seth that sounds great :-). I totally agree you.
Colin and that´s the same Problem we had on Scaleway, but I am sure that
we are finding a solution :-).
I would love to participate @ the discussion.
Have a nice day,
Eldin Hadzic
--
You received this bug notification
Thank you Colin, that's great news.
I think we should have a discussion about which algorithms to deprecate,
when, for the whole distribution. I'd like a consistent approach to when
we stop supporting md5/sha-1/rc4 etc. Of course different protocols may
have different threat models so it may not
Backporting algorithm tightening may make sense, but I don't want to end
up in a situation where users are trying to deal with interoperability
issues but none of the upstream docs make sense. If we're advocating
specific changes that upstream aren't currently already considering, we
should take
Hello Colin, Hello Seth,
thank you for your response. I completely understand the situation with
launchpad and Cisco Equipment :-).
I already know the page https://stribika.github.io/2015/01/04/secure-
secure-shell.html, but still thank you.
--
You received this bug notification because you
Just a note:
"I and @stribika have the same point of view
(https://stribika.github.io/2015/01/04/secure-secure-shell.html) [...]"
"I tend to agree with @aimxhaisse. Don't you think it would be
preferable to open a bug report on Ubuntu side
(https://bugs.launchpad.net/ubuntu/), see what they
Not yet. I'm actively working on the relevant bits of Launchpad
infrastructure, and will upgrade to OpenSSH 7.1p1 after that. I *don't*
intend to vary algorithm choices from upstream configuration, but 7.1 is
already a fair bit better.
--
You received this bug notification because you are a
Hello Eldin, you're right that it is time to begin migrating away from
SHA-1 in default OpenSSH configurations. However there is some
historical baggage in parts of the launchpad infrastructure that
prevented upgrading algorithms earlier. (Strictly speaking, the defaults
aren't tied to launchpad
** Information type changed from Private Security to Public Security
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1499392
Title:
OpenSSH Security and SHA1
Status in
8 matches
Mail list logo
